Imagemagick

Imagemagick

662 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-34153

Exploit
  • EPSS 0.76%
  • Veröffentlicht 30.05.2023 22:15:11
  • Zuletzt bearbeitet 10.01.2025 21:15:12

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.

5.5

CVE-2023-1906

Exploit
  • EPSS 0.03%
  • Veröffentlicht 12.04.2023 22:15:11
  • Zuletzt bearbeitet 10.02.2025 17:15:15

A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an app...

5.5

CVE-2023-1289

Exploit
  • EPSS 0.13%
  • Veröffentlicht 23.03.2023 20:15:14
  • Zuletzt bearbeitet 21.11.2024 07:38:50

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many...

6.5

CVE-2022-44267

Exploit
  • EPSS 21.44%
  • Veröffentlicht 06.02.2023 21:15:09
  • Zuletzt bearbeitet 26.03.2025 15:15:40

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.

6.5

CVE-2022-44268

Exploit
  • EPSS 88.66%
  • Veröffentlicht 06.02.2023 21:15:09
  • Zuletzt bearbeitet 26.03.2025 15:15:40

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).

5.5

CVE-2022-3213

  • EPSS 0.03%
  • Veröffentlicht 19.09.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 07:19:03

A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.

5.5

CVE-2022-1115

Exploit
  • EPSS 0.04%
  • Veröffentlicht 29.08.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:40:04

A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading...

7.1

CVE-2022-0284

Exploit
  • EPSS 0.03%
  • Veröffentlicht 29.08.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:38:18

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON...

3.3

CVE-2021-3574

Exploit
  • EPSS 0.03%
  • Veröffentlicht 26.08.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:52

A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.

5.5

CVE-2021-20224

  • EPSS 0.03%
  • Veröffentlicht 25.08.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:09

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMag...