CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32546 – Gentoo Linux Security Advisory 202405-02
https://notcve.org/view.php?id=CVE-2022-32546
16 Jun 2022 — A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. Se ha encontrado una vulnerabilidad en ImageMagick, que causa una salida del rango de valores representables del tipo "unsigned long" en el archivo coders/pcl.c, cuando es procesada una entrada diseñada o no confiable. Es... • https://bugzilla.redhat.com/show_bug.cgi?id=2091812 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-4219 – Ubuntu Security Notice USN-5736-1
https://notcve.org/view.php?id=CVE-2021-4219
23 Mar 2022 — A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system. Se ha encontrado un fallo en ImageMagick. La vulnerabilidad es producida debido al uso inapropiado de funciones abiertas y conlleva a una denegación de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=2054611 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-3596
https://notcve.org/view.php?id=CVE-2021-3596
24 Feb 2022 — A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. Se ha encontrado un fallo de desreferencia de puntero NULL en ImageMagick en versiones anteriores a 7.0.10-31 en la función ReadSVGImage() en el archivo coders/svg.c. Este problema es debido a que no es comprobado el valo... • https://bugzilla.redhat.com/show_bug.cgi?id=1970569 • CWE-476: NULL Pointer Dereference •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27769
https://notcve.org/view.php?id=CVE-2020-27769
14 May 2021 — In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. En ImageMagick versiones anteriores a 7.0.9-0, están fuera del rango de valores representables de tipo "float" en el archivo MagickCore/quantize.c • https://bugzilla.redhat.com/show_bug.cgi?id=1894690 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20311
https://notcve.org/view.php?id=CVE-2021-20311
11 May 2021 — A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability. Se encontró un fallo en ImageMagick en versiones anteriores a 7.0.11, donde una división por cero en la función sRGBTransformImage() en el archivo MagickCore/colorspac... • https://bugzilla.redhat.com/show_bug.cgi?id=1946739 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20310
https://notcve.org/view.php?id=CVE-2021-20310
11 May 2021 — A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability. Se encontró un fallo en ImageMagick en versiones anteriores a 7.0.11, donde una división por cero en la función ConvertXYZToJzazbz() del archivo MagickCore/colorspace.c p... • https://bugzilla.redhat.com/show_bug.cgi?id=1946728 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-20309 – Ubuntu Security Notice USN-5736-1
https://notcve.org/view.php?id=CVE-2021-20309
11 May 2021 — A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability. Se encontró un fallo en ImageMagick en versiones anteriores a 7.0.11 y versiones anteriores a 6.9.12, donde una división por cero en la función WaveImage() del archivo MagickCore/visual-effec... • https://bugzilla.redhat.com/show_bug.cgi?id=1946722 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20312 – Ubuntu Security Notice USN-5736-1
https://notcve.org/view.php?id=CVE-2021-20312
11 May 2021 — A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability. Se encontró un fallo en ImageMagick en versiones 7.0.11, donde un desbordamiento de enteros en la función WriteTHUMBNAILImage del archivo coders/humbnail.c puede desencadenar un c... • https://bugzilla.redhat.com/show_bug.cgi?id=1946742 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20313 – Ubuntu Security Notice USN-5736-1
https://notcve.org/view.php?id=CVE-2021-20313
11 May 2021 — A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo en ImageMagick en versiones anteriores a 7.0.11. Una potencial pérdida de cifrado cuando es posible calcular firmas en la función TransformSignature. • https://bugzilla.redhat.com/show_bug.cgi?id=1947019 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27829
https://notcve.org/view.php?id=CVE-2020-27829
26 Mar 2021 — A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45. Un desbordamiento del búfer en la región heap de la memoria en el archivo coders/tiff.c puede causar un bloqueo del programa y una denegación de servicio en ImageMagick versiones anteriores a 7.0.10-45. • https://bugzilla.redhat.com/show_bug.cgi?id=1922525 • CWE-122: Heap-based Buffer Overflow •