CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-10804 – ImageMagick: Memory leak in WriteTIFFImage
https://notcve.org/view.php?id=CVE-2018-10804
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WriteTIFFImage en coders/tiff.c. • https://github.com/ImageMagick/ImageMagick/issues/1053 https://usn.ubuntu.com/3681-1 https://access.redhat.com/security/cve/CVE-2018-10804 https://bugzilla.redhat.com/show_bug.cgi?id=1577399 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-10177 – ImageMagick: Infinite loop in coders/png.c:ReadOneMNGImage() allows attackers to cause a denial of service via crafted MNG file
https://notcve.org/view.php?id=CVE-2018-10177
In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. En ImageMagick 7.0.7-28, hay un bucle infinito en la función ReadOneMNGImage del archivo coders/png.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo mng manipulado. An infinite loop has been found in the way ImageMagick reads Multiple-image Network Graphics (MNG) data. • https://github.com/ImageMagick/ImageMagick/issues/1095 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/3681-1 https://access.redhat.com/security/cve/CVE-2018-10177 https://bugzilla.redhat.com/show_bug.cgi?id=1572044 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-9133 – ImageMagick: excessive iteration in the DecodeLabImage and EncodeLabImage functions in coders/tiff.c
https://notcve.org/view.php?id=CVE-2018-9133
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file. ImageMagick 7.0.7-26 Q16 tiene una iteración excesiva en las funciones DecodeLabImage y EncodeLabImage (coders/tiff.c), lo que resulta en un bloqueo de varios minutos con un archivo PoC pequeño. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo tiff manipulado. • https://github.com/ImageMagick/ImageMagick/issues/1072 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/3681-1 https://access.redhat.com/security/cve/CVE-2018-9133 https://bugzilla.redhat.com/show_bug.cgi?id=1563875 • CWE-834: Excessive Iteration CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9135
https://notcve.org/view.php?id=CVE-2018-9135
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. En ImageMagick 7.0.7-24 Q16, existe una sobrelectura de búfer basada en memoria dinámica (heap) en IsWEBPImageLossless en coders/webp.c. • https://github.com/ImageMagick/ImageMagick/issues/1009 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18251 – ImageMagick: memory leak in ReadPCDImage function in coders/pcd.c
https://notcve.org/view.php?id=CVE-2017-18251
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha descubierto un problema en la versión 7.0.7 de ImageMagick. Se ha encontrado una vulnerabilidad de filtrado de memoria en la función ReadPCDImage en coders/pcd.c que permite a atacantes remotos provocar una denegación de servicio (DoS) mediante un archivo manipulado. A memory leak vulnerability has been discovered in ImageMagick in the ReadPCDImage function of coders/pcd.c file. • https://github.com/ImageMagick/ImageMagick/issues/809 https://usn.ubuntu.com/3681-1 https://access.redhat.com/security/cve/CVE-2017-18251 https://bugzilla.redhat.com/show_bug.cgi?id=1561741 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •