Vulnerabilities > Imagemagick > Imagemagick > 7.0.7.2

DATE CVE VULNERABILITY TITLE RISK
2017-12-11 CVE-2017-17504 Out-of-bounds Read vulnerability in multiple products
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
network
low complexity
imagemagick canonical debian CWE-125
6.5
6.5
2017-12-11 CVE-2017-17499 Use After Free vulnerability in multiple products
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
network
low complexity
imagemagick canonical debian CWE-416
critical
 9.8
9.8
2017-10-10 CVE-2017-15218 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-10-10 CVE-2017-15217 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-10-05 CVE-2017-15033 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
network
low complexity
imagemagick canonical CWE-772
7.5
7.5
2017-10-05 CVE-2017-15032 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
network
low complexity
imagemagick canonical CWE-772
critical
 9.8
9.8