Graphicsmagick

Graphicsmagick

121 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2017-18219

Exploit
  • EPSS 2.82%
  • Veröffentlicht 05.03.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:35

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a larg...

8.8

CVE-2017-18220

Exploit
  • EPSS 0.4%
  • Veröffentlicht 05.03.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:36

The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a relat...

8.8

CVE-2018-6799

  • EPSS 0.78%
  • Veröffentlicht 07.02.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 04:11:13

The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging a...

6.5

CVE-2018-5685

Exploit
  • EPSS 0.35%
  • Veröffentlicht 14.01.2018 02:29:05
  • Zuletzt bearbeitet 21.11.2024 04:09:09

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask valu...

8.8

CVE-2018-5360

Exploit
  • EPSS 0.46%
  • Veröffentlicht 14.01.2018 02:29:04
  • Zuletzt bearbeitet 21.11.2024 04:08:39

LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.

8.8

CVE-2017-17912

  • EPSS 0.83%
  • Veröffentlicht 27.12.2017 17:08:22
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.

8.8

CVE-2017-17913

  • EPSS 0.41%
  • Veröffentlicht 27.12.2017 17:08:22
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.

8.8

CVE-2017-17915

  • EPSS 0.69%
  • Veröffentlicht 27.12.2017 17:08:22
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.

8.8

CVE-2017-17782

  • EPSS 0.66%
  • Veröffentlicht 20.12.2017 09:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.

7.5

CVE-2017-17783

  • EPSS 0.46%
  • Veröffentlicht 20.12.2017 09:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.