Vulnerabilities > Graphicsmagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-18 | CVE-2017-11403 | Use After Free vulnerability in Graphicsmagick 1.3.26 The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. | 6.8 |
| 2017-07-10 | CVE-2017-11140 | Resource Exhaustion vulnerability in Graphicsmagick 1.3.26 The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. | 7.1 |
| 2017-07-10 | CVE-2017-11139 | Double Free vulnerability in multiple products GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | 7.5 |
| 2017-07-07 | CVE-2017-11102 | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure. | 5.0 |
| 2017-07-03 | CVE-2017-10800 | Resource Exhaustion vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. | 4.3 |
| 2017-07-03 | CVE-2017-10799 | Resource Exhaustion vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | 4.3 |
| 2017-07-02 | CVE-2017-10794 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | 4.3 |
| 2017-05-19 | CVE-2017-9098 | Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. | 5.0 |
| 2017-03-14 | CVE-2017-6335 | Out-of-bounds Read vulnerability in Graphicsmagick The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. | 4.3 |
| 2017-03-01 | CVE-2016-9830 | Improper Input Validation vulnerability in multiple products The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | 4.3 |