Search CVE reports
111 – 120 of 142 results
Some fixes available 1 of 6
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 11 of 16
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a...
2 affected packages
imagemagick, graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| imagemagick | — | — | — | Fixed |
| graphicsmagick | — | — | — | Not affected |
Some fixes available 3 of 13
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Not affected |
The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | — |
The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file...
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | — |