rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Real Time 15 SP3
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-34151 | — | < 7.0.7.34-150200.10.48.1 | 7.0.7.34-150200.10.48.1 | May 30, 2023 | A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). | ||
| CVE-2023-1289 | — | < 7.0.7.34-150200.10.45.1 | 7.0.7.34-150200.10.45.1 | Mar 23, 2023 | A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," result | ||
| CVE-2022-44268 | — | < 7.0.7.34-150200.10.42.1 | 7.0.7.34-150200.10.42.1 | Feb 6, 2023 | ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). | ||
| CVE-2022-44267 | — | < 7.0.7.34-150200.10.42.1 | 7.0.7.34-150200.10.42.1 | Feb 6, 2023 | ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. |
- CVE-2023-34151May 30, 2023affected < 7.0.7.34-150200.10.48.1fixed 7.0.7.34-150200.10.48.1
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
- CVE-2023-1289Mar 23, 2023affected < 7.0.7.34-150200.10.45.1fixed 7.0.7.34-150200.10.45.1
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," result
- CVE-2022-44268Feb 6, 2023affected < 7.0.7.34-150200.10.42.1fixed 7.0.7.34-150200.10.42.1
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
- CVE-2022-44267Feb 6, 2023affected < 7.0.7.34-150200.10.42.1fixed 7.0.7.34-150200.10.42.1
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.