1.3.31

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-08	CVE-2019-11007	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. network low complexity graphicsmagick opensuse debian canonical CWE-125	8.1
2019-04-08	CVE-2019-11006	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. network low complexity graphicsmagick opensuse debian CWE-125	6.4
2019-04-08	CVE-2019-11005	Out-of-bounds Write vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. network low complexity graphicsmagick opensuse CWE-787	7.5
2019-02-05	CVE-2019-7397	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. network low complexity imagemagick graphicsmagick opensuse debian canonical CWE-401	5.0
2018-12-17	CVE-2018-20189	Improper Input Validation vulnerability in multiple products In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. network graphicsmagick debian CWE-20	4.3