Vulnerabilities > Horde > Horde Image API

DATE CVE VULNERABILITY TITLE RISK
2017-09-21 CVE-2017-14650 Improper Input Validation vulnerability in Horde Image API
A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility.
network
high complexity
horde CWE-20
8.1
8.1
2017-06-21 CVE-2017-9774 Code Injection vulnerability in Horde Image API
Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request.
network
low complexity
horde CWE-94
8.8
8.8