Vulnerabilities > Imagemagick > Imagemagick > 7.0.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-23 | CVE-2023-1289 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. | 5.5 |
| 2022-08-29 | CVE-2022-0284 | Out-of-bounds Read vulnerability in Imagemagick A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. | 7.1 |
| 2022-08-29 | CVE-2022-1115 | Out-of-bounds Write vulnerability in Imagemagick A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. | 5.5 |
| 2022-08-25 | CVE-2021-20224 | Integer Overflow or Wraparound vulnerability in Imagemagick An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. | 5.5 |
| 2022-08-10 | CVE-2022-2719 | Reachable Assertion vulnerability in multiple products In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. | 5.5 |
| 2022-04-29 | CVE-2022-1114 | Use After Free vulnerability in Imagemagick A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. | 7.1 |
| 2022-02-24 | CVE-2021-3596 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. | 6.5 |
| 2022-02-24 | CVE-2021-3610 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. | 7.5 |
| 2021-05-14 | CVE-2020-27769 | In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. | 3.3 |
| 2021-05-11 | CVE-2021-20309 | A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. | 7.5 |