Debian Imagemagick vulnerabilities

727 known vulnerabilities affecting debian/imagemagick.

Total CVEs

727

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL24HIGH138MEDIUM255LOW310

Vulnerabilities

Page 30 of 37

CVE-2016-10070MEDIUMCVSS 5.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-10070 [MEDIUM] CVE-2016-10070: imagemagick - Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMa... Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2

debian

CVE-2016-7516MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7516 [MEDIUM] CVE-2016-7516: imagemagick - The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attacke... The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resol

debian

CVE-2016-3718MEDIUMCVSS 5.5KEVPoCfixed in graphicsmagick 1.3.24-1 (bookworm)2016

CVE-2016-3718 [MEDIUM] CVE-2016-3718: graphicsmagick - The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.... The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. Scope: local bookworm: resolved (fixed in 1.3.24-1) bullseye: resolved (fixed in 1.3.24-1) forky: resolved (fixed in 1.3.24-1) sid: resolved (fixed in 1.3.24-1) trixie: resolved

debian

CVE-2016-7537MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7537 [MEDIUM] CVE-2016-7537: imagemagick - MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of ... MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved (fixed in 8:6.9.6.2

debian

CVE-2016-7799MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7799 [MEDIUM] CVE-2016-7799: imagemagick - MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to ca... MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved (fixed in

debian

CVE-2016-7513MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7513 [MEDIUM] CVE-2016-7513: imagemagick - Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cau... Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved (fixe

debian

CVE-2016-7536MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7536 [MEDIUM] CVE-2016-7536: imagemagick - magick/profile.c in ImageMagick allows remote attackers to cause a denial of ser... magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved (fixed in 8:6.9.6.2+dfsg-

debian

CVE-2016-10058MEDIUMCVSS 5.5fixed in imagemagick 8:6.9.6.5+dfsg-1 (bookworm)2016

CVE-2016-10058 [MEDIUM] CVE-2016-10058: imagemagick - Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before ... Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file. Scope: local bookworm: resolved (fixed in 8:6.9.6.5+dfsg-1) bullseye: resolved (fixed in 8:6.9.6.5+dfsg-1) forky: resolved (fixed in 8:6.9.6.5+dfsg-1) sid: resolved (fixed in

debian

CVE-2016-3717MEDIUMCVSS 5.5PoCfixed in graphicsmagick 1.3.24-1 (bookworm)2016

CVE-2016-3717 [MEDIUM] CVE-2016-3717: graphicsmagick - The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows rem... The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. Scope: local bookworm: resolved (fixed in 1.3.24-1) bullseye: resolved (fixed in 1.3.24-1) forky: resolved (fixed in 1.3.24-1) sid: resolved (fixed in 1.3.24-1) trixie: resolved (fixed in 1.3.24-1)

debian

CVE-2016-7517MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7517 [MEDIUM] CVE-2016-7517: imagemagick - The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers... The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolve

debian

CVE-2016-7533MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7533 [MEDIUM] CVE-2016-7533: imagemagick - The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers... The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved

debian

CVE-2016-7101MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7101 [MEDIUM] CVE-2016-7101: imagemagick - The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a ... The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolv

debian

CVE-2016-7527MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7527 [MEDIUM] CVE-2016-7527: imagemagick - coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service... coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved (fixed in 8:6.9.6.2+dfsg-2)

debian

CVE-2016-7522MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7522 [MEDIUM] CVE-2016-7522: imagemagick - The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote at... The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: r

debian

CVE-2016-7524MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7524 [MEDIUM] CVE-2016-7524: imagemagick - coders/meta.c in ImageMagick allows remote attackers to cause a denial of servic... coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved (fixed in 8:6.9.6.2+dfsg-2)

debian

CVE-2016-7530MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7530 [MEDIUM] CVE-2016-7530: imagemagick - The quantum handling code in ImageMagick allows remote attackers to cause a deni... The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: res

debian

CVE-2016-7518MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7518 [MEDIUM] CVE-2016-7518: imagemagick - The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers... The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved

debian

CVE-2016-9556MEDIUMCVSS 5.5fixed in imagemagick 8:6.9.6.5+dfsg-1 (bookworm)2016

CVE-2016-9556 [MEDIUM] CVE-2016-9556: imagemagick - The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 a... The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. Scope: local bookworm: resolved (fixed in 8:6.9.6.5+dfsg-1) bullseye: resolved (fixed in 8:6.9.6.5+dfsg-1) forky: resolved (fixed in 8:6.9.6.5+dfsg-1) sid: resolved (fixed in 8:6.9

debian

CVE-2016-7538MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-7538 [MEDIUM] CVE-2016-7538: imagemagick - coders/psd.c in ImageMagick allows remote attackers to cause a denial of service... coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.9.6.2+dfsg-2) sid: resolved (fixed in 8:6.9.6.2+dfsg-2) trixie: resolved (fixed in 8:6.9.6.2+dfsg-2)

debian

CVE-2016-10061MEDIUMCVSS 6.5fixed in imagemagick 8:6.9.6.2+dfsg-2 (bookworm)2016

CVE-2016-10061 [MEDIUM] CVE-2016-10061: imagemagick - The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 doe... The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file. Scope: local bookworm: resolved (fixed in 8:6.9.6.2+dfsg-2) bullseye: resolved (fixed in 8:6.9.6.2+dfsg-2) forky: resolved (fixed in 8:6.

debian

← Previous30 / 37Next →