Vulnerabilities > Imagemagick

DATE CVE VULNERABILITY TITLE RISK
2022-08-26 CVE-2021-3574 Memory Leak vulnerability in multiple products
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.
local
low complexity
imagemagick fedoraproject CWE-401
3.3
2022-06-16 CVE-2022-32545 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed.
6.8
2022-06-16 CVE-2022-32546 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed.
6.8
2022-06-16 CVE-2022-32547 Incorrect Type Conversion or Cast vulnerability in multiple products
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c.
6.8
2022-05-08 CVE-2022-28463 Classic Buffer Overflow vulnerability in multiple products
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
6.8
2022-04-29 CVE-2022-1114 Use After Free vulnerability in Imagemagick
A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file.
5.8
2022-03-23 CVE-2021-4219 Improper Input Validation vulnerability in Imagemagick
A flaw was found in ImageMagick.
4.3
2022-02-24 CVE-2021-3596 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c.
4.3
2022-02-24 CVE-2021-3610 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c.
network
low complexity
imagemagick fedoraproject redhat CWE-125
5.0
2021-11-19 CVE-2021-3962 Use After Free vulnerability in Imagemagick 7.1.014
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes.
6.8