CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13302
https://notcve.org/view.php?id=CVE-2019-13302
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages. ImageMagick versión 7.0.8-50 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en lMagickCore/fourier.c en ComplexImages. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/d5089971bd792311aaab5cb73460326d7ef7f32d https://github.com/ImageMagick/ImageMagick/issues/1597 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 2CVE-2019-13301 – ImageMagick: memory leaks in AcquireMagickMemory
https://notcve.org/view.php?id=CVE-2019-13301
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a un error de AnnotateImage. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025 https://github.com/ImageMagick/ImageMagick/issues/1585 https://github.com/ImageMagick/ImageMagick/issues/1589 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-13301 https://bugzilla.redhat.com/show_bug.cgi?id=1730575 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13300 – ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns
https://notcve.org/view.php?id=CVE-2019-13300
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/statistic.c en EvaluateImages debido a la gestión incorrecta de las columnas. A heap-based buffer overflow was discovered in ImageMagick in the way it applies a value with arithmetic, relational, or logical operators to an image due to mishandling columns. Applications compiled against ImageMagick libraries that accept untrustworthy images and use the evaluate-sequence option or function EvaluateImages may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a https://github.com/ImageMagick/ImageMagick/issues/1586 https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://www.debian.org/security/2020/dsa-4715 https://access.redhat.com/security/cve/CVE-2019-13300 https://bugzilla.redhat.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13299
https://notcve.org/view.php?id=CVE-2019-13299
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel. ImageMagick versión 7.0.8-50 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en MagickCore/pixel-accessor.h en GetPixelChannel. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/8187d2d8fd010d2d6b1a3a8edd935beec404dddc https://github.com/ImageMagick/ImageMagick/issues/1610 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13298
https://notcve.org/view.php?id=CVE-2019-13298
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error. ImageMagick versión 7.0.8-50 Q16, presenta un desbordamiento de búfer en la región heap de la memoria en el archivo MagickCore/pixel-accessor.h en la función SetPixelViaPixelInfo debido a un error del archivo MagickCore/enh.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/d4fc44b58a14f76b1ac997517d742ee12c9dc5d3 https://github.com/ImageMagick/ImageMagick/issues/1611 • CWE-787: Out-of-bounds Write •