CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18028
https://notcve.org/view.php?id=CVE-2017-18028
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de agotamiento de memoria en ImageMagick 7.0.7-1 Q16 en la función ReadTIFFImage en coders/tiff.c. Esta vulnerabilidad permite que los atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado. • https://github.com/ImageMagick/ImageMagick/issues/736 https://usn.ubuntu.com/3681-1 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-5358
https://notcve.org/view.php?id=CVE-2018-5358
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c. ImageMagick 7.0.7-22 Q16 tiene fugas de memoria en la función EncodeImageAttributes en coders/json.c, tal y como demuestra la función ReadPSDLayersInternal en coders/psd.c. • https://github.com/ImageMagick/ImageMagick/issues/939 https://usn.ubuntu.com/3681-1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-5357
https://notcve.org/view.php?id=CVE-2018-5357
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. ImageMagick 7.0.7-22 Q16 tiene fugas de memoria en la función ReadDCMImage en coders/dcm.c. • http://www.securityfocus.com/bid/102497 https://github.com/ImageMagick/ImageMagick/issues/941 https://usn.ubuntu.com/3681-1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-5246
https://notcve.org/view.php?id=CVE-2018-5246
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c. ImageMagick 7.0.7-17 Q16 tiene una fuga de memoria en ReadPATTERNImage en coders/pattern.c. • http://www.securityfocus.com/bid/102469 https://github.com/ImageMagick/ImageMagick/issues/929 https://usn.ubuntu.com/3681-1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 1CVE-2018-5248
https://notcve.org/view.php?id=CVE-2018-5248
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. En ImageMagick 7.0.7-17 Q16, hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función ReadSIXELImage en coders/sixel.c, relacionada con la función sixel_decode. • http://www.securityfocus.com/bid/102431 https://github.com/ImageMagick/ImageMagick/issues/927 https://usn.ubuntu.com/3681-1 https://www.debian.org/security/2018/dsa-4204 https://www.debian.org/security/2018/dsa-4245 • CWE-125: Out-of-bounds Read •