Vulnerabilities > Graphicsmagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-30 | CVE-2017-13776 | Excessive Iteration vulnerability in multiple products GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | 7.1 |
| 2017-08-30 | CVE-2017-13775 | GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. | 6.5 |
| 2017-08-29 | CVE-2017-13737 | Use After Free vulnerability in multiple products There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13736 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-23 | CVE-2017-13648 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. | 6.5 |
| 2017-08-23 | CVE-2017-13147 | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | 6.8 |
| 2017-08-22 | CVE-2017-13066 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | 4.3 |
| 2017-08-22 | CVE-2017-13065 | NULL Pointer Dereference vulnerability in multiple products GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | 6.5 |
| 2017-08-22 | CVE-2017-13064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | 6.5 |
| 2017-08-22 | CVE-2017-13063 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | 6.5 |