CVE-2019-13137
https://notcve.org/view.php?id=CVE-2019-13137
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadPSImage in coders/ps. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34 https://github.com/ImageMagick/ImageMagick/issues/1601 https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2019-13136
https://notcve.org/view.php?id=CVE-2019-13136
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de desbordamiento de enteros en la función TIFFSeekCustomStream in coders/tiff.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891 https://github.com/ImageMagick/ImageMagick/issues/1602 https://support.f5.com/csp/article/K03512441?utm_source=f5support&%3Butm_medium=RSS • CWE-190: Integer Overflow or Wraparound •
CVE-2019-13135 – ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS
https://notcve.org/view.php?id=CVE-2019-13135
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadCUTImage in coders/cut.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d https://github.com/ImageMagick/ImageMagick/issues/1599 https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://support.f5.com/csp/article/K20336394 https://support.f5.com/csp/article • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •
CVE-2019-10131 – ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c
https://notcve.org/view.php?id=CVE-2019-10131
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. Se encontró una vulnerabilidad de lectura off-by-one en ImageMagick anterior a la versión 7.0.7-28 en la función formatIPTCfromBuffer en coders/meta.c. Un atacante local puede utilizar este fallo para leer más allá del final del búfer o para bloquear el programa. An off-by-one read vulnerability was discovered in ImageMagick in the formatIPTCfromBuffer function in coders/meta.c. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html http://www.securityfocus.com/bid/108117 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131 https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4034-1 https://access.redhat.com/security/cve/CVE-2019-10131 https:/ • CWE-193: Off-by-one Error •
CVE-2019-10714
https://notcve.org/view.php?id=CVE-2019-10714
LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV. En ImageMagick, en versiones anteriores a la 7.0.8-32, LocaleLowercase en MagickCore/locale.c permite un acceso fuera de límties, conduciendo a un SIGSEGV. • https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36 https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a https://github.com/ImageMagick/ImageMagick/issues/1495 • CWE-125: Out-of-bounds Read •