rpm package

suse/ImageMagick&distro=SUSE Linux Enterprise Server 12 SP2

pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Vulnerabilities (230)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-8804		—	< 6.8.8.1-71.47.1	6.8.8.1-71.47.1	Mar 20, 2018	WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-18211		—	< 6.8.8.1-71.47.1	6.8.8.1-71.47.1	Mar 1, 2018	In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.
CVE-2017-18209		—	< 6.8.8.1-71.47.1	6.8.8.1-71.47.1	Mar 1, 2018	In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
CVE-2018-7470		—	< 6.8.8.1-71.47.1	6.8.8.1-71.47.1	Feb 25, 2018	An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
CVE-2018-7443		—	< 6.8.8.1-71.47.1	6.8.8.1-71.47.1	Feb 23, 2018	The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c)
CVE-2018-6405		—	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Jan 30, 2018	In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
CVE-2018-5685		—	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Jan 14, 2018	In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
CVE-2017-18029		—	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Jan 12, 2018	In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-18028		—	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Jan 12, 2018	In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-18027		—	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Jan 12, 2018	In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2018-5357		—	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Jan 12, 2018	ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
CVE-2018-5247		—	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Jan 5, 2018	In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
CVE-2018-5246		—	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Jan 5, 2018	In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
CVE-2017-18022		—	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Jan 5, 2018	In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
CVE-2017-1000476		—	< 6.8.8.1-71.23.1	6.8.8.1-71.23.1	Jan 3, 2018	ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
CVE-2017-1000445		—	< 6.8.8.1-71.23.1	6.8.8.1-71.23.1	Jan 2, 2018	ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
CVE-2017-18008		—	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Jan 1, 2018	In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
CVE-2017-17934	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Dec 27, 2017	ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
CVE-2017-17914	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Dec 27, 2017	In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
CVE-2017-17885	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Dec 27, 2017	In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.

CVE-2018-8804Mar 20, 2018
affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-18211Mar 1, 2018
affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.
CVE-2017-18209Mar 1, 2018
affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
CVE-2018-7470Feb 25, 2018
affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
CVE-2018-7443Feb 23, 2018
affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c)
CVE-2018-6405Jan 30, 2018
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
CVE-2018-5685Jan 14, 2018
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
CVE-2017-18029Jan 12, 2018
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-18028Jan 12, 2018
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-18027Jan 12, 2018
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2018-5357Jan 12, 2018
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
CVE-2018-5247Jan 5, 2018
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
CVE-2018-5246Jan 5, 2018
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
CVE-2017-18022Jan 5, 2018
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
CVE-2017-1000476Jan 3, 2018
affected < 6.8.8.1-71.23.1fixed 6.8.8.1-71.23.1
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
CVE-2017-1000445Jan 2, 2018
affected < 6.8.8.1-71.23.1fixed 6.8.8.1-71.23.1
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
CVE-2017-18008Jan 1, 2018
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
CVE-2017-17934MedDec 27, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
CVE-2017-17914MedDec 27, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
CVE-2017-17885MedDec 27, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.

Page 1 of 12