Debian Imagemagick vulnerabilities
727 known vulnerabilities affecting debian/imagemagick.
Total CVEs: 727
CISA KEV: 3 (actively exploited)
Public exploits: 12
Exploited in wild: 3
Severity breakdown: CRITICAL 24, HIGH 138, MEDIUM 255, LOW 310
Vulnerabilities
Page 9 of 37
CVE-2020-27761 | LOW | CVSS 3.3 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2020
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because al
debian
CVE-2020-27751 | LOW | CVSS 3.3 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2020
A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too large for 64-bit type. This would most likely lead to an impact to application availabi
debian
CVE-2020-27772 | LOW | CVSS 3.3 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2020
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. Thi
debian
CVE-2020-27775 | LOW | CVSS 3.3 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2020
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavi
debian
CVE-2020-27769 | LOW | CVSS 3.3 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2020
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9.11.24+dfsg-1)
trixie: resolved (fixed in 8:6
debian
CVE-2020-27758 | LOW | CVSS 3.3 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2020
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavio
debian
CVE-2020-27754 | LOW | CVSS 3.3 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2020
In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which forces the pixel intensities to be within the proper bounds in the event of an overf
debian
CVE-2019-12979 | HIGH | CVSS 7.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9
debian
CVE-2019-11597 | HIGH | CVSS 8.1 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixe
debian
CVE-2019-11598 | HIGH | CVSS 8.1 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye:
debian
CVE-2019-13306 | HIGH | CVSS 7.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9.11.24+dfsg-1)
trixie: resolved (fixed in 8:6.9.11.24+df
debian
CVE-2019-10650 | HIGH | CVSS 8.1 | fixed in imagemagick 8:6.9.10.23+dfsg-2.1 (bookworm) | 2019
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
Scope: local
bookworm: resolved (fixed in 8:6.9.10.23+dfsg-2.1)
bullseye: resolved (fixed in 8:6.9.10.23+dfsg-2.1)
forky: resolved (fixed in
debian
CVE-2019-13135 | HIGH | CVSS 8.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9.11.24+dfsg-1)
trixie: resolved (fixed in 8:6.9.11.24+d
debian
CVE-2019-10131 | HIGH | CVSS 7.1 | fixed in imagemagick 8:6.9.10.2+dfsg-2 (bookworm) | 2019
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
Scope: local
bookworm: resolved (fixed in 8:6.9.10.2+dfsg-2)
bullseye: resolved (fixed in 8:6.9.10.2+dfsg-2)
forky: resolved
debian
CVE-2019-13304 | HIGH | CVSS 7.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9.11.24+dfsg-1)
trixie: resolved (fixed in 8:6.9.11.
debian
CVE-2019-15140 | HIGH | CVSS 8.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.
debian
CVE-2019-9956 | HIGH | CVSS 8.8 | fixed in imagemagick 8:6.9.10.23+dfsg-2.1 (bookworm) | 2019
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.
Scope: local
bookworm: resolved (fixed in 8:6.9.10.23+dfsg-2.1)
bullseye: resolved (fixed in 8:6.9.10.23+dfsg-2.1)
forky: resolved (fixed in 8:6.9.10.23+dfs
debian
CVE-2019-13307 | HIGH | CVSS 7.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9.11.24+dfsg-1)
trixie: resolved (fixed in 8:6.9
debian
CVE-2019-13305 | HIGH | CVSS 7.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9.11.24+dfsg-1)
trixie: resolve
debian
CVE-2019-13300 | HIGH | CVSS 8.8 | fixed in imagemagick 8:6.9.11.24+dfsg-1 (bookworm) | 2019
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.24+dfsg-1)
bullseye: resolved (fixed in 8:6.9.11.24+dfsg-1)
forky: resolved (fixed in 8:6.9.11.24+dfsg-1)
sid: resolved (fixed in 8:6.9.11.24+dfsg-1)
trixie: resolved (fixed in 8:
debian