Imagemagick

Imagemagick

659 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-32547

  • EPSS 0.06%
  • Veröffentlicht 16.06.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:06:36

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, th...

7.8

CVE-2022-28463

Exploit
  • EPSS 0.08%
  • Veröffentlicht 08.05.2022 23:15:17
  • Zuletzt bearbeitet 25.06.2025 21:02:38

ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.

7.1

CVE-2022-1114

  • EPSS 0.07%
  • Veröffentlicht 29.04.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:40:04

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to infor...

5.5

CVE-2021-4219

  • EPSS 0.07%
  • Veröffentlicht 23.03.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:37:10

A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system.

6.5

CVE-2021-3596

Exploit
  • EPSS 0.17%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:55

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which ...

7.5

CVE-2021-3610

  • EPSS 0.14%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:58

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation faul...

7.8

CVE-2021-3962

  • EPSS 0.31%
  • Veröffentlicht 19.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:23:14

A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed...

3.6

CVE-2021-39212

  • EPSS 0.02%
  • Veröffentlicht 13.09.2021 18:15:23
  • Zuletzt bearbeitet 21.11.2024 06:18:54

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could...

4.3

CVE-2020-27769

  • EPSS 0.05%
  • Veröffentlicht 14.05.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:21:48

In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.

7.8

CVE-2021-20309

  • EPSS 0.24%
  • Veröffentlicht 11.05.2021 23:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:20

A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick....