Vulnerabilities > Graphicsmagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-06 | CVE-2017-14165 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26 The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. | 4.3 |
| 2017-09-01 | CVE-2017-14103 | Use After Free vulnerability in Graphicsmagick 1.3.26 The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. | 6.8 |
| 2017-08-30 | CVE-2017-14042 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26 A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. | 4.3 |
| 2017-08-30 | CVE-2017-13775 | GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. | 6.5 |
| 2017-08-29 | CVE-2017-13737 | Use After Free vulnerability in multiple products There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13736 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-23 | CVE-2017-13648 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. | 6.5 |
| 2017-08-23 | CVE-2017-13147 | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | 6.8 |
| 2017-08-22 | CVE-2017-13066 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | 4.3 |
| 2017-08-22 | CVE-2017-13065 | NULL Pointer Dereference vulnerability in multiple products GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | 6.5 |