rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server 12 SP2-LTSS
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS
Vulnerabilities (45)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-7395 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Feb 5, 2019 | In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. | ||
| CVE-2018-20467 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Dec 26, 2018 | In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | ||
| CVE-2018-16644 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Sep 6, 2018 | There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image. | ||
| CVE-2018-16413 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Sep 3, 2018 | ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. | ||
| CVE-2018-16412 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Sep 3, 2018 | ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. |
- CVE-2019-7395Feb 5, 2019affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
- CVE-2018-20467Dec 26, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
- CVE-2018-16644Sep 6, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
- CVE-2018-16413Sep 3, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.
- CVE-2018-16412Sep 3, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
Page 3 of 3