Vulnerabilities > Imagemagick > Imagemagick > 7.0.7.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-01 | CVE-2018-16328 | NULL Pointer Dereference vulnerability in Imagemagick In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. | 7.5 |
| 2018-09-01 | CVE-2018-16323 | Information Exposure vulnerability in multiple products ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. | 4.3 |
| 2018-06-01 | CVE-2018-11656 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file. | 4.3 |
| 2018-06-01 | CVE-2018-11655 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file. | 4.3 |
| 2018-05-18 | CVE-2018-11251 | Out-of-bounds Read vulnerability in Imagemagick In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file. | 4.3 |
| 2018-05-18 | CVE-2017-18272 | Use After Free vulnerability in Imagemagick In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call. | 4.3 |
| 2018-03-01 | CVE-2017-18211 | NULL Pointer Dereference vulnerability in multiple products In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. | 7.5 |
| 2018-03-01 | CVE-2017-18210 | NULL Pointer Dereference vulnerability in Imagemagick In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked. | 7.5 |
| 2018-03-01 | CVE-2017-18209 | NULL Pointer Dereference vulnerability in multiple products In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. | 6.8 |
| 2018-01-30 | CVE-2018-6405 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. | 4.3 |