CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12978 – imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c
https://notcve.org/view.php?id=CVE-2019-12978
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadPANGOImage en coders/pango.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1519 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12978 https://bugzilla.redhat.com/show_bug.cgi?id=1732292 • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12977
https://notcve.org/view.php?id=CVE-2019-12977
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función WriteJP2Image en coders/jp2.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1518 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-12976 – imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c
https://notcve.org/view.php?id=CVE-2019-12976
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. ImageMagick versión 7.0.8-34 tiene una pérdida de memoria en la función ReadPCLImage en coders/pcl.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the ReadPCLImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1520 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12976 https://bugzilla.redhat.com/show_bug.cgi?id=1732284 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-12975 – imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c
https://notcve.org/view.php?id=CVE-2019-12975
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de pérdida de memoria en la función WriteDPXImage en coders/dpx.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the WriteDPXImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1517 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12975 https://bugzilla.redhat.com/show_bug.cgi?id=1732282 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12974 – imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service
https://notcve.org/view.php?id=CVE-2019-12974
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image. Una desreferencia de puntero NULL en la función ReadPANGOImage en coders/pango.c y la función ReadVIDImage en coders/vid.c en ImageMagick versión 7.0.8-34 permite a los atacantes remotos provocar una denegación de servicio a través de una imagen diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1515 https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12974 https://bugzilla.redhat.com/show_bug.cgi?id= • CWE-476: NULL Pointer Dereference •