Vulnerabilities > Graphicsmagick > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-27 | CVE-2017-15930 | NULL Pointer Dereference vulnerability in multiple products In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. | 8.8 |
| 2017-10-11 | CVE-2017-15238 | Use After Free vulnerability in multiple products ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. | 8.8 |
| 2017-08-30 | CVE-2017-13777 | Excessive Iteration vulnerability in multiple products GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | 7.1 |
| 2017-08-30 | CVE-2017-13776 | Excessive Iteration vulnerability in multiple products GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | 7.1 |
| 2017-08-18 | CVE-2017-12937 | Out-of-bounds Read vulnerability in multiple products The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | 8.8 |
| 2017-08-18 | CVE-2017-12936 | Use After Free vulnerability in multiple products The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | 8.8 |
| 2017-08-18 | CVE-2017-12935 | Out-of-bounds Read vulnerability in multiple products The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | 8.8 |
| 2017-07-26 | CVE-2017-11643 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. | 7.5 |
| 2017-07-26 | CVE-2017-11642 | NULL Pointer Dereference vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | 8.8 |
| 2017-07-26 | CVE-2017-11641 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. | 7.5 |