CVE-2022-32547 — Incorrect Type Conversion or Cast

Vendor	Product	Version range	Fixed in
debian	imagemagick	< imagemagick 8:6.9.11.60+dfsg-1.5 (bookworm)	imagemagick 8:6.9.11.60+dfsg-1.5 (bookworm)
fedoraproject	fedora	—	—
imagemagick	imagemagick	< 6.9.12-45	6.9.12-45
imagemagick	imagemagick	—	—
imagemagick	imagemagick	>= 0 < 8:6.9.11.60+dfsg-1.3+deb11u2	8:6.9.11.60+dfsg-1.3+deb11u2
imagemagick	imagemagick	>= 0 < 8:6.9.11.60+dfsg-1.5	8:6.9.11.60+dfsg-1.5
imagemagick	imagemagick	>= 0 < 8:6.9.11.60+dfsg-1.5	8:6.9.11.60+dfsg-1.5
imagemagick	imagemagick	>= 0 < 8:6.9.11.60+dfsg-1.5	8:6.9.11.60+dfsg-1.5
imagemagick	imagemagick	>= 0 < 8:6.9.7.4+dfsg-16ubuntu6.14	8:6.9.7.4+dfsg-16ubuntu6.14
imagemagick	imagemagick	>= 0 < 8:6.9.10.23+dfsg-2.1ubuntu11.9	8:6.9.10.23+dfsg-2.1ubuntu11.9
imagemagick	imagemagick	>= 0 < 8:6.9.10.23+dfsg-2.1ubuntu11.10	8:6.9.10.23+dfsg-2.1ubuntu11.10
imagemagick	imagemagick	>= 0 < 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5	8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5
imagemagick	imagemagick	>= 0 < 8:6.7.7.10-6ubuntu3.13+esm3	8:6.7.7.10-6ubuntu3.13+esm3
imagemagick	imagemagick	>= 0 < 8:6.8.9.9-7ubuntu5.16+esm4	8:6.8.9.9-7ubuntu5.16+esm4
imagemagick	imagemagick	>= 0 < 8:6.8.9.9-7ubuntu5.16+esm8	8:6.8.9.9-7ubuntu5.16+esm8
imagemagick	imagemagick	>= 0 < 8:6.8.9.9-7ubuntu5.16+esm5	8:6.8.9.9-7ubuntu5.16+esm5
imagemagick	imagemagick	>= 0 < 8:6.9.7.4+dfsg-16ubuntu6.15+esm1	8:6.9.7.4+dfsg-16ubuntu6.15+esm1
imagemagick	imagemagick	>= 0 < 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1	8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1
imagemagick	imagemagick	>= 0 < 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.1+esm1	8:6.9.11.60+dfsg-1.3ubuntu0.22.04.1+esm1
imagemagick	imagemagick	>= 0 < 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3+esm2	8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3+esm2
imagemagick	imagemagick	>= 7.1.0-0 < 7.1.0-30	7.1.0-30
redhat	enterprise_linux	—	—
redhat	enterprise_linux	—	—

OSV

imagemagick vulnerabilities

osv·2024-07-25·CVSS 7.8

[HIGH] imagemagick vulnerabilities imagemagick vulnerabilities USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599) It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affec

OSV

imagemagick vulnerabilities

osv·2023-07-04·CVSS 7.8

CVE-2020-29599 [HIGH] imagemagick vulnerabilities imagemagick vulnerabilities It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599) It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick we

OSV

imagemagick vulnerabilities

osv·2022-11-24·CVSS 5.5

CVE-2021-20224 [MEDIUM] imagemagick vulnerabilities imagemagick vulnerabilities USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu 22.04 ESM. Original advisory details: It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain val

OSV

imagemagick vulnerabilities

osv·2022-11-24·CVSS 5.5

CVE-2021-20224 [MEDIUM] imagemagick vulnerabilities imagemagick vulnerabilities It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20241) Zhang Xiaohui discovered that ImageMagick incorrectly handled ce

OSV

imagemagick vulnerabilities

osv·2022-07-26·CVSS 7.8

CVE-2022-32545 [HIGH] imagemagick vulnerabilities imagemagick vulnerabilities It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2022-32545, CVE-2022-32546) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2022-32547)

GHSA

GHSA-mw6j-c5j9-xc24: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte ali

ghsa_unreviewed·2022-06-17

CVE-2022-32547 [HIGH] CWE-704 GHSA-mw6j-c5j9-xc24: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte ali In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

OSV

CVE-2022-32547: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte ali

osv·2022-06-16·CVSS 7.8

CVE-2022-32547 [HIGH] CVE-2022-32547: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte ali In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

Ubuntu

ImageMagick vulnerabilities

vendor_ubuntu·2024-07-25·CVSS 7.8

CVE-2023-1289 [HIGH] ImageMagick vulnerabilities Title: ImageMagick vulnerabilities Summary: Several security issues were fixed in ImageMagick. USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599) It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker co

Ubuntu

ImageMagick vulnerabilities

vendor_ubuntu·2023-07-04·CVSS 7.8

CVE-2023-1289 [HIGH] ImageMagick vulnerabilities Title: ImageMagick vulnerabilities Summary: Several security issues were fixed in ImageMagick. It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599) It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when proce

Ubuntu

ImageMagick vulnerabilities

vendor_ubuntu·2022-11-24·CVSS 5.5

CVE-2021-20313 [MEDIUM] ImageMagick vulnerabilities Title: ImageMagick vulnerabilities Summary: Several security issues were fixed in ImageMagick. USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu 22.04 ESM. Original advisory details: It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224) Zhang

Ubuntu

ImageMagick vulnerabilities

vendor_ubuntu·2022-11-24·CVSS 5.5

CVE-2021-20313 [MEDIUM] ImageMagick vulnerabilities Title: ImageMagick vulnerabilities Summary: Several security issues were fixed in ImageMagick. It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-2024

Ubuntu

ImageMagick vulnerabilities

vendor_ubuntu·2022-07-26·CVSS 7.8

CVE-2022-32546 [HIGH] ImageMagick vulnerabilities Title: ImageMagick vulnerabilities Summary: Several security issues were fixed in ImageMagick. It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2022-32545, CVE-2022-32546) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2022-32547) Instructions: In general, a standard system update will make all the necessary changes.

Red Hat

ImageMagick: load of misaligned address at MagickCore/property.c

vendor_redhat·2022-04-09·CVSS 7.8

CVE-2022-32547 [HIGH] CWE-704 ImageMagick: load of misaligned address at MagickCore/property.c ImageMagick: load of misaligned address at MagickCore/property.c In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. A flaw was found in ImageMagick, where there is a load of a misaligned address for type 'double,' which requires 8-byte alignment, and for type 'float,' which requires 4-byte alignment at MagickCore/property.c. Whenever ImageMagick processes crafted or untrusted input, this causes a negative impact on application availability or other problems related to undefined behavior.

Debian

CVE-2022-32547: imagemagick - In ImageMagick, there is load of misaligned address for type 'double', which req...

vendor_debian·2022·CVSS 7.8

CVE-2022-32547 [HIGH] CVE-2022-32547: imagemagick - In ImageMagick, there is load of misaligned address for type 'double', which req... In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. Scope: local bookworm: resolved (fixed in 8:6.9.11.60+dfsg-1.5) bullseye: resolved (fixed in 8:6.9.11.60+dfsg-1.3+deb11u2) forky: resolved (fixed in 8:6.9.11.60+dfsg-1.5) sid: resolved (fixed in 8:6.9.11.60+dfsg-1.5) trixie: resolved (fixed in 8:6.9.11.60+dfsg-1.5)

CVE-2022-32547: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at…

Affected

CVSS provenance