Vulnerabilities > Horde > Horde Image API > 2.1.0

DATE CVE VULNERABILITY TITLE RISK
2017-09-21 CVE-2017-14650 Improper Input Validation vulnerability in Horde Image API
A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility.
network
horde CWE-20
6.8
6.8
2017-06-21 CVE-2017-9774 Code Injection vulnerability in Horde Image API
Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request.
network
low complexity
horde CWE-94
6.5
6.5