CVE-2019-17547 — Use After Free in Imagemagick

Severity

8.8HIGHNVD

EPSS

0.5%

top 34.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 14

Latest updateMay 24

Description

In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

GHSA

GHSA-442w-2rxq-q6gc: In ImageMagick before 7↗2022-05-24

▶

Red Hat

ImageMagick: use-after-free in TraceBezier function in MagickCore/draw.c↗2019-08-18

▶

Debian

CVE-2019-17547: imagemagick - In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after...↗2019

▶

Bugzilla

CVE-2019-17547 ImageMagick: use-after-free in TraceBezier function in MagickCore/draw.c [fedora-all]↗2019-10-30

▶

Bugzilla

CVE-2019-17547 ImageMagick: use-after-free in TraceBezier function in MagickCore/draw.c↗2019-10-30

▶