Debian Imagemagick vulnerabilities

727 known vulnerabilities affecting debian/imagemagick.

Total CVEs

727

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL24HIGH138MEDIUM255LOW310

Vulnerabilities

Page 24 of 37

CVE-2017-14400LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-14400 [MEDIUM] CVE-2017-14400: imagemagick - In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mis... In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in

debian

CVE-2017-11724LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-14 (bookworm)2017

CVE-2017-11724 [MEDIUM] CVE-2017-11724: imagemagick - The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x... The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-14) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-14) forky: resolved (fixed in 8:6.9.7.4+dfsg-14) sid: resolved (fixed in 8:6.9.7.4+d

debian

CVE-2017-13059LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-13059 [MEDIUM] CVE-2017-13059: imagemagick - In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function Wr... In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.

debian

CVE-2017-12875LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-12875 [MEDIUM] CVE-2017-12875: imagemagick - The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attacker... The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved

debian

CVE-2017-12676LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-15 (bookworm)2017

CVE-2017-12676 [MEDIUM] CVE-2017-12676: imagemagick - In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function Re... In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-15) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-15) forky: resolved (fixed in 8:6.9.7.4+dfsg-15) sid: resolved (fixed in 8:6.9.7.4+dfsg-15) t

debian

CVE-2017-11141LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-12 (bookworm)2017

CVE-2017-11141 [MEDIUM] CVE-2017-11141: imagemagick - The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory le... The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-12) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-12) forky: resolved (fixed in 8:6.9.7.4+dfsg-12

debian

CVE-2017-13060LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-13060 [MEDIUM] CVE-2017-13060: imagemagick - In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function Re... In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.

debian

CVE-2017-12665LOWCVSS 8.8fixed in imagemagick 8:6.9.7.4+dfsg-16 (bookworm)2017

CVE-2017-12665 [HIGH] CVE-2017-12665: imagemagick - ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/... ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-16) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-16) forky: resolved (fixed in 8:6.9.7.4+dfsg-16) sid: resolved (fixed in 8:6.9.7.4+dfsg-16) trixie: resolved (fixed in 8:6.9.7.4+dfsg-16)

debian

CVE-2017-12876LOWCVSS 6.52017

CVE-2017-12876 [MEDIUM] CVE-2017-12876: imagemagick - Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows rem... Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

debian

CVE-2017-12691LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-12691 [MEDIUM] CVE-2017-12691: imagemagick - The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote a... The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie

debian

CVE-2017-7275LOWCVSS 8.82017

CVE-2017-7275 [HIGH] CVE-2017-7275: imagemagick - The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote a... The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866. Scope: local bookworm: open bullseye: open forky: open sid: open trixie:

debian

CVE-2017-14607LOWCVSS 8.1fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-14607 [HIGH] CVE-2017-14607: imagemagick - In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage ... In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed

debian

CVE-2017-12662LOWCVSS 8.8fixed in imagemagick 8:6.9.7.4+dfsg-16 (bookworm)2017

CVE-2017-12662 [HIGH] CVE-2017-12662: imagemagick - ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/p... ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-16) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-16) forky: resolved (fixed in 8:6.9.7.4+dfsg-16) sid: resolved (fixed in 8:6.9.7.4+dfsg-16) trixie: resolved (fixed in 8:6.9.7.4+dfsg-16)

debian

CVE-2017-15033LOWCVSS 7.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-15033 [HIGH] CVE-2017-15033: imagemagick - ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv... ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-12664LOWCVSS 8.8fixed in imagemagick 8:6.9.7.4+dfsg-13 (bookworm)2017

CVE-2017-12664 [HIGH] CVE-2017-12664: imagemagick - ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/... ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-13) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-13) forky: resolved (fixed in 8:6.9.7.4+dfsg-13) sid: resolved (fixed in 8:6.9.7.4+dfsg-13) trixie: resolved (fixed in 8:6.9.7.4+dfsg-13)

debian

CVE-2017-12666LOWCVSS 8.8fixed in imagemagick 8:6.9.7.4+dfsg-16 (bookworm)2017

CVE-2017-12666 [HIGH] CVE-2017-12666: imagemagick - ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coder... ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-16) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-16) forky: resolved (fixed in 8:6.9.7.4+dfsg-16) sid: resolved (fixed in 8:6.9.7.4+dfsg-16) trixie: resolved (fixed in 8:6.9.7.4+dfsg-16)

debian

CVE-2017-12693LOWCVSS 6.5fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-12693 [MEDIUM] CVE-2017-12693: imagemagick - The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote a... The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) tr

debian

CVE-2017-14626LOWCVSS 9.8fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm)2017

CVE-2017-14626 [CRITICAL] CVE-2017-14626: imagemagick - ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the func... ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c. Scope: local bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3) bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3) forky: resolved (fixed in 8:6.9.9.34+dfsg-3) sid: resolved (fixed in 8:6.9.9.34+dfsg-3) trixie: resolved (fixed in 8:6.9.9.34+dfsg-3)

debian

CVE-2017-7943LOWCVSS 6.5fixed in imagemagick 8:6.9.7.4+dfsg-6 (bookworm)2017

CVE-2017-7943 [MEDIUM] CVE-2017-7943: imagemagick - The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attacker... The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.7.4+dfsg-6) bullseye: resolved (fixed in 8:6.9.7.4+dfsg-6) forky: resolved (fixed in 8:6.9.7.4+dfsg-6) sid: resolved (fixed in 8:6.9.7.4+dfsg-6) trixie: resolved (fixed in 8

debian

CVE-2017-18210LOWCVSS 9.82017

CVE-2017-18210 [CRITICAL] CVE-2017-18210: imagemagick - In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the ... In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

debian

← Previous24 / 37Next →