Vulnerabilities > Graphicsmagick > Graphicsmagick > 1.3.25
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-05 | CVE-2019-7397 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. | 5.0 |
2018-10-21 | CVE-2018-18544 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. | 4.3 |
2018-02-07 | CVE-2018-6799 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used. | 8.8 |
2017-07-03 | CVE-2017-10800 | Resource Exhaustion vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. | 4.3 |
2017-07-03 | CVE-2017-10799 | Resource Exhaustion vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | 4.3 |
2017-07-02 | CVE-2017-10794 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | 4.3 |
2017-03-14 | CVE-2017-6335 | Out-of-bounds Read vulnerability in Graphicsmagick The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. | 4.3 |
2017-03-01 | CVE-2016-9830 | Improper Input Validation vulnerability in multiple products The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | 4.3 |
2017-02-15 | CVE-2016-8684 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | 6.8 |
2017-02-15 | CVE-2016-8683 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | 6.8 |