Debian Imagemagick vulnerabilities

727 known vulnerabilities affecting debian/imagemagick.

Total CVEs

727

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL24HIGH138MEDIUM255LOW310

Vulnerabilities

Page 20 of 37

CVE-2017-9501LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-12 (bookworm)2017

CVE-2017-9501 [MEDIUM] CVE-2017-9501: imagemagick - In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockS... In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-12) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-12) forky: resolved (fixed in 8:6.9.7.4+dfsg-12) sid: resolved (fixed in 8:6.9.7.4+dfsg-12) t

debian

CVE-2017-13658LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-14 (bookworm)2017

CVE-2017-13658 [MEDIUM] CVE-2017-13658: imagemagick - In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL ch... In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-14) bullseye: resolved (fixed in 8:6.9.7.4+dfsg

debian

CVE-2017-11538LOWCVSS 6.52017

CVE-2017-11538 [MEDIUM] CVE-2017-11538: imagemagick - When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a M... When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

debian

CVE-2017-9500LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-13 (bookworm)2017

CVE-2017-9500 [MEDIUM] CVE-2017-9500: imagemagick - In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function Reset... In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-13) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-13) forky: resolved (fixed in 8:6.9.7.4+dfsg-13) sid: resolved (fixed in 8:6.9.7.4+df

debian

CVE-2017-14060LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-14060 [MEDIUM] CVE-2017-14060: imagemagick - In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the Read... In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye

debian

CVE-2017-15017LOWCVSS 8.8fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-15017 [HIGH] CVE-2017-15017: imagemagick - ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneM... ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-15016LOWCVSS 8.8fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-15016 [HIGH] CVE-2017-15016: imagemagick - ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhM... ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-13141LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-15 (bookworm)2017

CVE-2017-13141 [MEDIUM] CVE-2017-13141: imagemagick - In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigg... In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-15) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-15) forky: resolved (fixed in 8:6.9.7.4+dfsg-15) sid: resolved (fixed in 8:6.9.7.4+dfsg-15) trixie: resolved (fixed in 8:6.9

debian

CVE-2017-17880LOWCVSS 8.8fixed in imagemagick 8:6.9.9.39+dfsg-1 (bookworm)2017

CVE-2017-17880 [HIGH] CVE-2017-17880: imagemagick - In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer ove... In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check. Scope: local bookworm: resolved (fixed in 8:6.9.9.39+dfsg-1) bullseye: resolved (fixed in 8:6.9.9.39+dfsg-1) forky: resolved (fixed in 8:6.9.9.39+dfsg-1) sid: resolved (fixed in 8:6.9.9.39+dfsg-1)

debian

CVE-2017-7942LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-6 (bookworm)2017

CVE-2017-7942 [MEDIUM] CVE-2017-7942: imagemagick - The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attacker... The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-6) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-6) forky: resolved (fixed in 8:6.9.7.4+dfsg-6) sid: resolved (fixed in 8:6.9.7.4+dfsg-6) trixie: resolved (fixed in 8

debian

CVE-2017-13768LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-13768 [MEDIUM] CVE-2017-13768: imagemagick - Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c ... Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (

debian

CVE-2017-11751LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-16 (bookworm)2017

CVE-2017-11751 [MEDIUM] CVE-2017-11751: imagemagick - The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remot... The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-16) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-16) forky: resolved (fixed in 8:6.9.7.4+dfsg-16) sid: resolved (fixed in 8:6.9.7.4+dfsg-16) trixie: re

debian

CVE-2017-7941LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-6 (bookworm)2017

CVE-2017-7941 [MEDIUM] CVE-2017-7941: imagemagick - The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attacker... The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-6) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-6) forky: resolved (fixed in 8:6.9.7.4+dfsg-6) sid: resolved (fixed in 8:6.9.7.4+dfsg-6) trixie: resolved (fixed in 8

debian

CVE-2017-18209LOWCVSS 8.8fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-18209 [HIGH] CVE-2017-18209: imagemagick - In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick ... In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9

debian

CVE-2017-11644LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-14 (bookworm)2017

CVE-2017-11644 [MEDIUM] CVE-2017-11644: imagemagick - When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a M... When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-14) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-14) forky: resolved (fixed in 8:6.9.7.4+dfsg-14) sid: resolved (fixed in 8:6.9.7.4+dfsg-14) trixie: resolved (fixed in

debian

CVE-2017-13133LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-13133 [MEDIUM] CVE-2017-13133: imagemagick - In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset val... In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fi

debian

CVE-2017-14625LOWCVSS 9.8fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-14625 [CRITICAL] CVE-2017-14625: imagemagick - ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the func... ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+d

debian

CVE-2017-12667LOWCVSS 8.8fixed in imagemagick 8:6.9.7.4+dfsg-14 (bookworm)2017

CVE-2017-12667 [HIGH] CVE-2017-12667: imagemagick - ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\ma... ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-14) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-14) forky: resolved (fixed in 8:6.9.7.4+dfsg-14) sid: resolved (fixed in 8:6.9.7.4+dfsg-14) trixie: resolved (fixed in 8:6.9.7.4+dfsg-14)

debian

CVE-2017-12433LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-12433 [MEDIUM] CVE-2017-12433: imagemagick - In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function Re... In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid:

debian

CVE-2017-18029LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-18029 [MEDIUM] CVE-2017-18029: imagemagick - In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the functi... In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fi

debian

← Previous20 / 37Next →