Vulnerabilities > Imagemagick > Imagemagick > 7.0.8.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-08 | CVE-2020-25666 | Integer Overflow or Wraparound vulnerability in multiple products There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. | 3.3 |
| 2020-12-08 | CVE-2020-25665 | Out-of-bounds Read vulnerability in multiple products The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. | 5.5 |
| 2020-12-08 | CVE-2020-25664 | Heap-based Buffer Overflow vulnerability in multiple products In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. | 6.1 |
| 2020-12-08 | CVE-2020-25663 | Use After Free vulnerability in Imagemagick A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. | 4.3 |
| 2020-12-07 | CVE-2020-29599 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. | 7.8 |
| 2020-12-04 | CVE-2020-27773 | Divide By Zero vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/gem-private.h. | 3.3 |
| 2020-12-04 | CVE-2020-27772 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in coders/bmp.c. | 3.3 |
| 2020-12-04 | CVE-2020-27776 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/statistic.c. | 3.3 |
| 2020-12-04 | CVE-2020-27775 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/quantum.h. | 3.3 |
| 2020-12-04 | CVE-2020-27774 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/statistic.c. | 3.3 |