rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27769 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | May 14, 2021 | In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. | ||
| CVE-2020-27768 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Feb 23, 2021 | In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0. | ||
| CVE-2020-27755 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 8, 2020 | in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwi | ||
| CVE-2020-27753 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 8, 2020 | There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was origin | ||
| CVE-2020-27752 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 8, 2020 | A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an im | ||
| CVE-2020-25664 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 8, 2020 | In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attack | ||
| CVE-2020-27754 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 8, 2020 | In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which | ||
| CVE-2020-27751 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 8, 2020 | A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too la | ||
| CVE-2020-25666 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 8, 2020 | There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. | ||
| CVE-2020-27775 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application | ||
| CVE-2020-27772 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 4, 2020 | A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availa | ||
| CVE-2020-27771 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 4, 2020 | In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefin | ||
| CVE-2020-27767 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact | ||
| CVE-2020-27765 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could | ||
| CVE-2020-27763 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 3, 2020 | A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could p | ||
| CVE-2020-27761 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 3, 2020 | WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instea | ||
| CVE-2020-27760 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 3, 2020 | In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciproc | ||
| CVE-2020-27759 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Dec 3, 2020 | In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by | ||
| CVE-2020-19667 | — | < 6.4.3.6-78.135.1 | 6.4.3.6-78.135.1 | Nov 20, 2020 | Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7. | ||
| CVE-2019-7175 | — | < 6.4.3.6-78.92.1 | 6.4.3.6-78.92.1 | Mar 7, 2019 | In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. |
- CVE-2020-27769May 14, 2021affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
- CVE-2020-27768Feb 23, 2021affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0.
- CVE-2020-27755Dec 8, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwi
- CVE-2020-27753Dec 8, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was origin
- CVE-2020-27752Dec 8, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an im
- CVE-2020-25664Dec 8, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attack
- CVE-2020-27754Dec 8, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which
- CVE-2020-27751Dec 8, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too la
- CVE-2020-25666Dec 8, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`.
- CVE-2020-27775Dec 4, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application
- CVE-2020-27772Dec 4, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availa
- CVE-2020-27771Dec 4, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefin
- CVE-2020-27767Dec 4, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact
- CVE-2020-27765Dec 4, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could
- CVE-2020-27763Dec 3, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could p
- CVE-2020-27761Dec 3, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instea
- CVE-2020-27760Dec 3, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciproc
- CVE-2020-27759Dec 3, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by
- CVE-2020-19667Nov 20, 2020affected < 6.4.3.6-78.135.1fixed 6.4.3.6-78.135.1
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
- CVE-2019-7175Mar 7, 2019affected < 6.4.3.6-78.92.1fixed 6.4.3.6-78.92.1
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
Page 1 of 2