CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-13133 – ImageMagick: a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c
https://notcve.org/view.php?id=CVE-2019-13133
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadBMPImage in coders/bmp.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99 https://github.com/ImageMagick/ImageMagick/issues/1600 https://access.redhat.com/security/cve/CVE-2019-13133 https://bugzilla.redhat.com/show_bug.cgi?id=1726078 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-12979 – imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c
https://notcve.org/view.php?id=CVE-2019-12979
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función SyncImageSettings en MagickCore/image.c. Esto está relacionado con AcquireImage en magick/image.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1522 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12979 https://bugzilla.redhat.com/show_bug.cgi?id=1732294 • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12978 – imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c
https://notcve.org/view.php?id=CVE-2019-12978
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadPANGOImage en coders/pango.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1519 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12978 https://bugzilla.redhat.com/show_bug.cgi?id=1732292 • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12977
https://notcve.org/view.php?id=CVE-2019-12977
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función WriteJP2Image en coders/jp2.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1518 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-12976 – imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c
https://notcve.org/view.php?id=CVE-2019-12976
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. ImageMagick versión 7.0.8-34 tiene una pérdida de memoria en la función ReadPCLImage en coders/pcl.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the ReadPCLImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1520 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12976 https://bugzilla.redhat.com/show_bug.cgi?id=1732284 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •