VYPR

Graphicsmagick

by Graphicsmagick

Source repositories

CVEs (128)

  • CVE-2016-9830MedMar 1, 2017
    risk 0.36cvss 5.5epss 0.02

    The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.

  • CVE-2016-5240MedFeb 27, 2017
    risk 0.36cvss 5.5epss 0.02

    The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.

  • CVE-2016-5241MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.

  • CVE-2016-2318MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

  • CVE-2016-2317MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in…

  • CVE-2015-8808MedJul 13, 2016
    risk 0.36cvss 5.5epss 0.02

    The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

  • CVE-2005-1275Apr 25, 2005
    risk 0.04cvss epss 0.14

    Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.

  • CVE-2009-1882Jun 2, 2009
    risk 0.01cvss epss 0.07

    Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of…

  • CVE-2008-6071Feb 10, 2009
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details…

  • CVE-2025-32460Apr 9, 2025
    risk 0.00cvss epss 0.00

    GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.

  • CVE-2025-27795Mar 7, 2025
    risk 0.00cvss epss 0.00

    ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

  • CVE-2025-27796Mar 7, 2025
    risk 0.00cvss epss 0.00

    ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.

  • CVE-2020-21679Aug 22, 2023
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.

  • CVE-2022-1270Sep 28, 2022
    risk 0.00cvss epss 0.00

    In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.

  • CVE-2020-12672May 6, 2020
    risk 0.00cvss epss 0.03

    GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

  • CVE-2020-10938Mar 24, 2020
    risk 0.00cvss epss 0.05

    GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.

  • CVE-2019-12921Mar 18, 2020
    risk 0.00cvss epss 0.08

    In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.

  • CVE-2019-19950Dec 24, 2019
    risk 0.00cvss epss 0.03

    In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.

  • CVE-2019-19951Dec 24, 2019
    risk 0.00cvss epss 0.03

    In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.

  • CVE-2019-19953Dec 24, 2019
    risk 0.00cvss epss 0.03

    In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.

Page 5 of 7