rpm package
suse/GraphicsMagick&distro=SUSE Package Hub 15 SP1
pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Package%20Hub%2015%20SP1
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12672 | — | < 1.3.29-bp151.5.15.1 | 1.3.29-bp151.5.15.1 | May 6, 2020 | GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. | ||
| CVE-2020-10938 | — | < 1.3.29-bp151.5.12.1 | 1.3.29-bp151.5.12.1 | Mar 24, 2020 | GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. | ||
| CVE-2019-12921 | — | < 1.3.29-bp151.5.12.1 | 1.3.29-bp151.5.12.1 | Mar 18, 2020 | In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. | ||
| CVE-2019-19950 | — | < 1.3.29-bp151.5.9.1 | 1.3.29-bp151.5.9.1 | Dec 24, 2019 | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | ||
| CVE-2019-19951 | — | < 1.3.29-bp151.5.9.1 | 1.3.29-bp151.5.9.1 | Dec 24, 2019 | In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. | ||
| CVE-2019-19953 | — | < 1.3.29-bp151.5.9.1 | 1.3.29-bp151.5.9.1 | Dec 24, 2019 | In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. | ||
| CVE-2019-16709 | — | < 1.3.29-bp151.5.6.1 | 1.3.29-bp151.5.6.1 | Sep 23, 2019 | ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. |
- CVE-2020-12672May 6, 2020affected < 1.3.29-bp151.5.15.1fixed 1.3.29-bp151.5.15.1
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
- CVE-2020-10938Mar 24, 2020affected < 1.3.29-bp151.5.12.1fixed 1.3.29-bp151.5.12.1
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
- CVE-2019-12921Mar 18, 2020affected < 1.3.29-bp151.5.12.1fixed 1.3.29-bp151.5.12.1
In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.
- CVE-2019-19950Dec 24, 2019affected < 1.3.29-bp151.5.9.1fixed 1.3.29-bp151.5.9.1
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
- CVE-2019-19951Dec 24, 2019affected < 1.3.29-bp151.5.9.1fixed 1.3.29-bp151.5.9.1
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
- CVE-2019-19953Dec 24, 2019affected < 1.3.29-bp151.5.9.1fixed 1.3.29-bp151.5.9.1
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
- CVE-2019-16709Sep 23, 2019affected < 1.3.29-bp151.5.6.1fixed 1.3.29-bp151.5.6.1
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.