7.1

CVE-2021-20244

A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ImagemagickImagemagick Version < 7.0.10-62
RedhatEnterprise Linux Version6.0
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
FedoraprojectFedora Version33
DebianDebian Linux Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.2% 0.641
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
CWE-369 Divide By Zero

The product divides a value by zero.

https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html
https://bugzilla.redhat.com/show_bug.cgi?id=1928959
Patch
Third Party Advisory
Issue Tracking
https://github.com/ImageMagick/ImageMagick/pull/3194
Patch
Third Party Advisory