Page 11 of 237 results (0.003 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1

In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. These calculations produced undefined behavior in the form of out-of-range and integer overflows, as identified by UndefinedBehaviorSanitizer. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file to be processed by ImageMagick. These issues could impact application availability or potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. • https://bugzilla.redhat.com/show_bug.cgi?id=1891934 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1

In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a negative impact to application availability or other problems related to undefined behavior, in cases where ImageMagick processes untrusted input data. The upstream patch introduces functionality to constrain the pixel offsets and prevent these issues. This flaw affects ImageMagick versions prior to 7.0.9-0. En las rutinas CropImage() y CropImageToTiles() del archivo MagickCore/transform.c, los cálculos de redondeo realizados en desplazamientos de píxeles sin restricciones provocaban un comportamiento indefinido en forma de desbordamiento de enteros y valores fuera de rango según lo informado por UndefinedBehaviorSanitizer. • https://bugzilla.redhat.com/show_bug.cgi?id=1891933 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1

A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by ImageMagick. Red Hat Product Security marked this as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68. Un cálculo matemático de punto flotante en la función ScaleAnyToQuantum() del archivo /MagickCore/quantum-private.h, podría conducir a un comportamiento indefinido en forma de un valor fuera del rango de tipo unsigned long long. • https://bugzilla.redhat.com/show_bug.cgi?id=1894234 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1

A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo MagickCore/gem-private.h. • https://bugzilla.redhat.com/show_bug.cgi?id=1898295 https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-369: Divide By Zero •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1

Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68. Debido a la falta de comprobación para el valor 0 de "replace_extent", es posible que el desplazamiento "p" se desborde en la función SubstituteString(), lo que podría afectar la disponibilidad de la aplicación. Esto podría ser provocado por un archivo de entrada diseñado que es procesado por ImageMagick. • https://bugzilla.redhat.com/show_bug.cgi?id=1894691 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •