Imagemagick

Imagemagick

659 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-44267

Exploit
  • EPSS 18.54%
  • Veröffentlicht 06.02.2023 21:15:09
  • Zuletzt bearbeitet 26.03.2025 15:15:40

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.

6.5

CVE-2022-44268

Exploit
  • EPSS 88.66%
  • Veröffentlicht 06.02.2023 21:15:09
  • Zuletzt bearbeitet 26.03.2025 15:15:40

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).

5.5

CVE-2022-3213

  • EPSS 0.03%
  • Veröffentlicht 19.09.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 07:19:03

A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.

5.5

CVE-2022-1115

Exploit
  • EPSS 0.04%
  • Veröffentlicht 29.08.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:40:04

A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading...

7.1

CVE-2022-0284

Exploit
  • EPSS 0.03%
  • Veröffentlicht 29.08.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:38:18

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON...

3.3

CVE-2021-3574

Exploit
  • EPSS 0.03%
  • Veröffentlicht 26.08.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:52

A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.

5.5

CVE-2021-20224

  • EPSS 0.03%
  • Veröffentlicht 25.08.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:09

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMag...

5.5

CVE-2022-2719

  • EPSS 0.02%
  • Veröffentlicht 10.08.2022 20:15:36
  • Zuletzt bearbeitet 21.11.2024 07:01:34

In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick versio...

7.8

CVE-2022-32545

  • EPSS 0.06%
  • Veröffentlicht 16.06.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:06:35

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other...

7.8

CVE-2022-32546

  • EPSS 0.07%
  • Veröffentlicht 16.06.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:06:36

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other...