rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5341 | — | < 7.1.0.9-150400.6.27.1 | 7.1.0.9-150400.6.27.1 | Nov 19, 2023 | A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. | ||
| CVE-2023-34474 | — | < 7.1.0.9-150400.6.24.1 | 7.1.0.9-150400.6.24.1 | Jun 16, 2023 | A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a deni | ||
| CVE-2023-34153 | — | < 7.1.0.9-150400.6.21.1 | 7.1.0.9-150400.6.21.1 | May 30, 2023 | A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. | ||
| CVE-2023-34151 | — | < 7.1.0.9-150400.6.21.1 | 7.1.0.9-150400.6.21.1 | May 30, 2023 | A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). |
- CVE-2023-5341Nov 19, 2023affected < 7.1.0.9-150400.6.27.1fixed 7.1.0.9-150400.6.27.1
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
- CVE-2023-34474Jun 16, 2023affected < 7.1.0.9-150400.6.24.1fixed 7.1.0.9-150400.6.24.1
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a deni
- CVE-2023-34153May 30, 2023affected < 7.1.0.9-150400.6.21.1fixed 7.1.0.9-150400.6.21.1
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
- CVE-2023-34151May 30, 2023affected < 7.1.0.9-150400.6.21.1fixed 7.1.0.9-150400.6.21.1
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).