CVE-2020-27756
- EPSS 0.83%
- Veröffentlicht 08.12.2020 22:15:18
- Zuletzt bearbeitet 21.11.2024 05:21:46
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could im...
CVE-2020-27757
- EPSS 1.07%
- Veröffentlicht 08.12.2020 22:15:18
- Zuletzt bearbeitet 21.11.2024 05:21:46
A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under ...
CVE-2020-27758
- EPSS 1.12%
- Veröffentlicht 08.12.2020 22:15:18
- Zuletzt bearbeitet 21.11.2024 05:21:46
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long`. This would most likely lea...
CVE-2020-25674
- EPSS 1.02%
- Veröffentlicht 08.12.2020 22:15:17
- Zuletzt bearbeitet 21.11.2024 05:18:25
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values ...
CVE-2020-25675
- EPSS 1.07%
- Veröffentlicht 08.12.2020 22:15:17
- Zuletzt bearbeitet 21.11.2024 05:18:26
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by Undefin...
CVE-2020-25676
- EPSS 1.17%
- Veröffentlicht 08.12.2020 22:15:17
- Zuletzt bearbeitet 21.11.2024 05:18:26
In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being use...
CVE-2020-27750
- EPSS 0.98%
- Veröffentlicht 08.12.2020 22:15:17
- Zuletzt bearbeitet 21.11.2024 05:21:45
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `uns...
CVE-2020-27751
- EPSS 1.11%
- Veröffentlicht 08.12.2020 22:15:17
- Zuletzt bearbeitet 21.11.2024 05:21:45
A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a...
CVE-2020-25663
- EPSS 1.1%
- Veröffentlicht 08.12.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 05:18:23
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able ...
CVE-2020-25664
- EPSS 0.71%
- Veröffentlicht 08.12.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 05:18:23
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by add...