CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-7396
https://notcve.org/view.php?id=CVE-2019-7396
In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. En ImageMagick en versiones anteriores a la 7.0.8-25, existe una vulnerabilidad de fuga de memoria en ReadSIXELImage en coders/sixel.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html http://www.securityfocus.com/bid/106849 https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce https://github.com/ImageMagick/ImageMagick/issues/1452 https://usn.ubuntu.com/4034-1 https://www.debian.org/security/2020/dsa-4712 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html http://www.securityfocus.com/bid/106847 https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82 https://github.com/ImageMagick/ImageMagick/issues/1454 https://usn.ubuntu.com/4034-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security&#x • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-7398 – ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c
https://notcve.org/view.php?id=CVE-2019-7398
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. En ImageMagick en versiones anteriores a la 7.0.8-25, existe una vulnerabilidad de fuga de memoria en WriteDIBImage en coders/dib.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html http://www.securityfocus.com/bid/106848 https://github.com/ImageMagick/ImageMagick/issues/1453 https://usn.ubuntu.com/4034-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-7398 https://bugzilla.redhat.com/show_bug.cgi?id=1672560 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2018-20467 – ImageMagick: infinite loop in coders/bmp.c
https://notcve.org/view.php?id=CVE-2018-20467
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. En coders/bmp.c en ImageMagick en versiones anteriores a la 7.0.8-16, un archivo de entradas puede resultar en un bucle infinito y un bloqueo, con un gran consumo de CPU y memoria. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo manipulado. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html http://www.securityfocus.com/bid/106315 https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb https://github.com/ImageMagick/ImageMagick/issues/1408 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4034-1 https://access.redhat.com/security/cve/CVE-2018-20467 https://bugzilla.re • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-16749 – ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c
https://notcve.org/view.php?id=CVE-2018-16749
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. En ImageMagick 7.0.7-29 y anteriores, la falta de una comprobación NULL en ReadOneJNGImage en coders/png.c permite que un atacante provoque una denegación de servicio (fallo de aserción en WriteBlob y salida de la aplicación) mediante un archivo manipulado. • https://github.com/ImageMagick/ImageMagick/issues/1119 https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4 https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://usn.ubuntu.com/3785-1 https://access.redhat.com/security/cve/CVE-2018-16749 https://bugzilla.redhat.com/show_bug.cgi?id=1627916 • CWE-476: NULL Pointer Dereference CWE-617: Reachable Assertion •