Graphicsmagick
Source repositories
CVEs (128)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-17782 | Hig | 0.57 | 8.8 | 0.02 | Dec 20, 2017 | In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation. | ||
| CVE-2017-17503 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2017 | ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17502 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2017 | ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17501 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17500 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17498 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | ||
| CVE-2017-16669 | Hig | 0.57 | 8.8 | 0.03 | Nov 9, 2017 | coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c. | ||
| CVE-2017-16547 | Hig | 0.57 | 8.8 | 0.02 | Nov 6, 2017 | The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified… | ||
| CVE-2017-16545 | Hig | 0.57 | 8.8 | 0.02 | Nov 5, 2017 | The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via… | ||
| CVE-2017-15930 | Hig | 0.57 | 8.8 | 0.03 | Oct 27, 2017 | In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. | ||
| CVE-2017-15238 | Hig | 0.57 | 8.8 | 0.02 | Oct 11, 2017 | ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. | ||
| CVE-2017-13147 | Hig | 0.57 | 8.8 | 0.02 | Aug 23, 2017 | In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | ||
| CVE-2017-12937 | Hig | 0.57 | 8.8 | 0.02 | Aug 18, 2017 | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | ||
| CVE-2017-12935 | Hig | 0.57 | 8.8 | 0.02 | Aug 18, 2017 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | ||
| CVE-2017-11642 | Hig | 0.57 | 8.8 | 0.02 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | ||
| CVE-2017-11638 | Hig | 0.57 | 8.8 | 0.02 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. | ||
| CVE-2026-13606 | imp | 0.53 | 8.1 | — | Jun 28, 2026 | GraphicsMagick: GraphicsMagick: Memory corruption via crafted Photo CD (PCD) file | ||
| CVE-2016-8684 | Hig | 0.51 | 7.8 | 0.02 | Feb 15, 2017 | The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | ||
| CVE-2016-8683 | Hig | 0.51 | 7.8 | 0.02 | Feb 15, 2017 | The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | ||
| CVE-2017-17783 | Hig | 0.49 | 7.5 | 0.02 | Dec 20, 2017 | In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8. |
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.
- risk 0.57cvss 8.8epss 0.02
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.02
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
- risk 0.57cvss 8.8epss 0.03
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.
- risk 0.57cvss 8.8epss 0.02
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified…
- risk 0.57cvss 8.8epss 0.02
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via…
- risk 0.57cvss 8.8epss 0.03
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.
- risk 0.57cvss 8.8epss 0.02
ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
- risk 0.57cvss 8.8epss 0.02
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.
- risk 0.57cvss 8.8epss 0.02
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
- risk 0.57cvss 8.8epss 0.02
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
- risk 0.57cvss 8.8epss 0.02
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.
- risk 0.53cvss 8.1epss —
GraphicsMagick: GraphicsMagick: Memory corruption via crafted Photo CD (PCD) file
- risk 0.51cvss 7.8epss 0.02
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
- risk 0.51cvss 7.8epss 0.02
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
- risk 0.49cvss 7.5epss 0.02
In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.
Page 2 of 7