CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2020-27766
https://notcve.org/view.php?id=CVE-2020-27766
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-69. Se encontró un fallo en ImageMagick en el archivo MagickCore/statistic.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1894686 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-27770
https://notcve.org/view.php?id=CVE-2020-27770
Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68. Debido a la falta de comprobación para el valor 0 de "replace_extent", es posible que el desplazamiento "p" se desborde en la función SubstituteString(), lo que podría afectar la disponibilidad de la aplicación. Esto podría ser provocado por un archivo de entrada diseñado que es procesado por ImageMagick. • https://bugzilla.redhat.com/show_bug.cgi?id=1894691 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2020-27772
https://notcve.org/view.php?id=CVE-2020-27772
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo coders/bmp.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1898291 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 1CVE-2020-27776
https://notcve.org/view.php?id=CVE-2020-27776
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo MagickCore/statistic.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1898304 https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-27763
https://notcve.org/view.php?id=CVE-2020-27763
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68. Se encontró un fallo en ImageMagick en el archivo MagickCore/resize.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1894682 https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-369: Divide By Zero •