6.5

CVE-2019-14981

In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ImagemagickImagemagick Version >= 6.0 < 6.9.10-41
ImagemagickImagemagick Version >= 7.0.0-0 < 7.0.8-41
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version19.04
CanonicalUbuntu Linux Version19.10
OpensuseLeap Version15.0
OpensuseLeap Version15.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.69% 0.839
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-369 Divide By Zero

The product divides a value by zero.

https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html
Third Party Advisory
Mailing List
https://www.debian.org/security/2020/dsa-4712
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html
Third Party Advisory
Mailing List
https://usn.ubuntu.com/4192-1/
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html
Third Party Advisory
Mailing List
https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc
Patch
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/issues/1552
Patch
Third Party Advisory
https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256
Patch
Third Party Advisory