rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Module for Development Tools 15 SP2
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2
Vulnerabilities (45)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27750 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 8, 2020 | A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division | ||
| CVE-2020-25676 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 8, 2020 | In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. T | ||
| CVE-2020-25675 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 8, 2020 | In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issu | ||
| CVE-2020-25674 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 8, 2020 | WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will lo | ||
| CVE-2020-25666 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 8, 2020 | There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. | ||
| CVE-2020-25665 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 8, 2020 | The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumM | ||
| CVE-2020-29599 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 7, 2020 | ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell co | ||
| CVE-2020-27776 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to applicati | ||
| CVE-2020-27775 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application | ||
| CVE-2020-27774 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application | ||
| CVE-2020-27773 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead t | ||
| CVE-2020-27772 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availa | ||
| CVE-2020-27771 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefin | ||
| CVE-2020-27770 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects Image | ||
| CVE-2020-27767 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact | ||
| CVE-2020-27766 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to applica | ||
| CVE-2020-27765 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could | ||
| CVE-2020-27764 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 3, 2020 | In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked thi | ||
| CVE-2020-27763 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 3, 2020 | A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could p | ||
| CVE-2020-27762 | — | < 7.0.7.34-10.9.1 | 7.0.7.34-10.9.1 | Dec 3, 2020 | A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application avail |
- CVE-2020-27750Dec 8, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division
- CVE-2020-25676Dec 8, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. T
- CVE-2020-25675Dec 8, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issu
- CVE-2020-25674Dec 8, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will lo
- CVE-2020-25666Dec 8, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`.
- CVE-2020-25665Dec 8, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumM
- CVE-2020-29599Dec 7, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell co
- CVE-2020-27776Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to applicati
- CVE-2020-27775Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application
- CVE-2020-27774Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application
- CVE-2020-27773Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead t
- CVE-2020-27772Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availa
- CVE-2020-27771Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefin
- CVE-2020-27770Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects Image
- CVE-2020-27767Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact
- CVE-2020-27766Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to applica
- CVE-2020-27765Dec 4, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could
- CVE-2020-27764Dec 3, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked thi
- CVE-2020-27763Dec 3, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could p
- CVE-2020-27762Dec 3, 2020affected < 7.0.7.34-10.9.1fixed 7.0.7.34-10.9.1
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application avail
Page 2 of 3