Debian Imagemagick vulnerabilities

727 known vulnerabilities affecting debian/imagemagick.

Total CVEs

727

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL24HIGH138MEDIUM255LOW310

Vulnerabilities

Page 23 of 37

CVE-2017-11537LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-13 (bookworm)2017

CVE-2017-11537 [MEDIUM] CVE-2017-11537: imagemagick - When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a F... When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-13) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-13) forky: resolved (fixed in 8:6.9.7.4+dfsg

debian

CVE-2017-11523LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-14 (bookworm)2017

CVE-2017-11523 [MEDIUM] CVE-2017-11523: imagemagick - The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x... The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-14) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-14) forky: resolve

debian

CVE-2017-17884LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-17884 [MEDIUM] CVE-2017-17884: imagemagick - In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the functi... In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: reso

debian

CVE-2017-15015LOWCVSS 8.8fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-15015 [HIGH] CVE-2017-15015: imagemagick - ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDeleg... ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-13058LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-13058 [MEDIUM] CVE-2017-13058: imagemagick - In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function Wr... In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6

debian

CVE-2017-12418LOWCVSS 7.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-12418 [HIGH] CVE-2017-12418: imagemagick - ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions ... ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie

debian

CVE-2017-11532LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-13 (bookworm)2017

CVE-2017-11532 [MEDIUM] CVE-2017-11532: imagemagick - When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a M... When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-13) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-13) forky: resolved (fixed in 8:6.9.7.4+dfsg-13) sid: resolved (fixed in 8:6.9.7.4+dfsg-13) trixie: resolved (fixed i

debian

CVE-2017-12643LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-15 (bookworm)2017

CVE-2017-12643 [MEDIUM] CVE-2017-12643: imagemagick - ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in ... ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-15) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-15) forky: resolved (fixed in 8:6.9.7.4+dfsg-15) sid: resolved (fixed in 8:6.9.7.4+dfsg-15) trixie: resolved (fixed in 8:6.9.7.4+dfsg-15)

debian

CVE-2017-17934LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-17934 [MEDIUM] CVE-2017-17934: imagemagick - ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSL... ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-8830LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-7 (bookworm)2017

CVE-2017-8830 [MEDIUM] CVE-2017-8830: imagemagick - In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers... In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-7) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-7) forky: resolved (fixed in 8:6.9.7.4+dfsg-7) sid: resolved (fixed in 8:6.9.7.4+dfsg-7) trixie: resolved (fixed in

debian

CVE-2017-12671LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-15 (bookworm)2017

CVE-2017-12671 [MEDIUM] CVE-2017-12671: imagemagick - In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, lea... In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-15) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-15) forky: resolved (fixed in 8:6.9.7

debian

CVE-2017-11310LOWCVSS 8.82017

CVE-2017-11310 [HIGH] CVE-2017-11310: imagemagick - The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16... The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

debian

CVE-2017-18273LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-18273 [MEDIUM] CVE-2017-18273: imagemagick - In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability wa... In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fix

debian

CVE-2017-14343LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-14343 [MEDIUM] CVE-2017-14343: imagemagick - ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xc... ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-15281LOWCVSS 8.8fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-15281 [HIGH] CVE-2017-15281: imagemagick - ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to c... ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)." Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfs

debian

CVE-2017-12430LOWCVSS 7.5fixed in imagemagick 8:6.9.7.4+dfsg-13 (bookworm)2017

CVE-2017-12430 [HIGH] CVE-2017-12430: imagemagick - In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the funct... In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-13) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-13) forky: resolved (fixed in 8:6.9.7.4+dfsg-13) sid: resolved (fixed in 8:6.9.7.4+dfsg-13)

debian

CVE-2017-14137LOWCVSS 7.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-14137 [HIGH] CVE-2017-14137: imagemagick - ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory ... ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie:

debian

CVE-2017-11539LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-15 (bookworm)2017

CVE-2017-11539 [MEDIUM] CVE-2017-11539: imagemagick - When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a M... When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-15) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-15) forky: resolved (fixed in 8:6.9.7.4+dfsg-15) sid: resolved (fixed in 8:6.9.7.4+dfsg-15) trixie: resolved (fixed

debian

CVE-2017-18008LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-18008 [MEDIUM] CVE-2017-18008: imagemagick - In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pw... In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-13769LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-13769 [MEDIUM] CVE-2017-13769: imagemagick - The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.... The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed i

debian

← Previous23 / 37Next →