rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
Vulnerabilities (275)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-7395 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Feb 5, 2019 | In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. | ||
| CVE-2018-20467 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Dec 26, 2018 | In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | ||
| CVE-2018-16644 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Sep 6, 2018 | There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image. | ||
| CVE-2018-16413 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Sep 3, 2018 | ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. | ||
| CVE-2018-16412 | — | < 6.8.8.1-71.108.1 | 6.8.8.1-71.108.1 | Sep 3, 2018 | ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. | ||
| CVE-2018-8804 | — | < 6.8.8.1-71.47.1 | 6.8.8.1-71.47.1 | Mar 20, 2018 | WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file. | ||
| CVE-2017-18211 | — | < 6.8.8.1-71.47.1 | 6.8.8.1-71.47.1 | Mar 1, 2018 | In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. | ||
| CVE-2017-18209 | — | < 6.8.8.1-71.47.1 | 6.8.8.1-71.47.1 | Mar 1, 2018 | In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. | ||
| CVE-2018-7470 | — | < 6.8.8.1-71.47.1 | 6.8.8.1-71.47.1 | Feb 25, 2018 | An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file. | ||
| CVE-2018-7443 | — | < 6.8.8.1-71.47.1 | 6.8.8.1-71.47.1 | Feb 23, 2018 | The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c) | ||
| CVE-2018-6405 | — | < 6.8.8.1-71.42.1 | 6.8.8.1-71.42.1 | Jan 30, 2018 | In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. | ||
| CVE-2018-5685 | — | < 6.8.8.1-71.33.1 | 6.8.8.1-71.33.1 | Jan 14, 2018 | In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value. | ||
| CVE-2017-18029 | — | < 6.8.8.1-71.33.1 | 6.8.8.1-71.33.1 | Jan 12, 2018 | In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18028 | — | < 6.8.8.1-71.42.1 | 6.8.8.1-71.42.1 | Jan 12, 2018 | In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18027 | — | < 6.8.8.1-71.33.1 | 6.8.8.1-71.33.1 | Jan 12, 2018 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2018-5357 | — | < 6.8.8.1-71.42.1 | 6.8.8.1-71.42.1 | Jan 12, 2018 | ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. | ||
| CVE-2018-5247 | — | < 6.8.8.1-71.26.1 | 6.8.8.1-71.26.1 | Jan 5, 2018 | In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. | ||
| CVE-2018-5246 | — | < 6.8.8.1-71.26.1 | 6.8.8.1-71.26.1 | Jan 5, 2018 | In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c. | ||
| CVE-2017-18022 | — | < 6.8.8.1-71.26.1 | 6.8.8.1-71.26.1 | Jan 5, 2018 | In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. | ||
| CVE-2017-1000476 | — | < 6.8.8.1-71.23.1 | 6.8.8.1-71.23.1 | Jan 3, 2018 | ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. |
- CVE-2019-7395Feb 5, 2019affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
- CVE-2018-20467Dec 26, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
- CVE-2018-16644Sep 6, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
- CVE-2018-16413Sep 3, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.
- CVE-2018-16412Sep 3, 2018affected < 6.8.8.1-71.108.1fixed 6.8.8.1-71.108.1
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
- CVE-2018-8804Mar 20, 2018affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
- CVE-2017-18211Mar 1, 2018affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.
- CVE-2017-18209Mar 1, 2018affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
- CVE-2018-7470Feb 25, 2018affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
- CVE-2018-7443Feb 23, 2018affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c)
- CVE-2018-6405Jan 30, 2018affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
- CVE-2018-5685Jan 14, 2018affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
- CVE-2017-18029Jan 12, 2018affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
- CVE-2017-18028Jan 12, 2018affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
- CVE-2017-18027Jan 12, 2018affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
- CVE-2018-5357Jan 12, 2018affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
- CVE-2018-5247Jan 5, 2018affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
- CVE-2018-5246Jan 5, 2018affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
- CVE-2017-18022Jan 5, 2018affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
- CVE-2017-1000476Jan 3, 2018affected < 6.8.8.1-71.23.1fixed 6.8.8.1-71.23.1
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
Page 3 of 14