Vulnerabilities > Imagemagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2021-3596 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. | 6.5 |
| 2022-02-24 | CVE-2021-3610 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. | 7.5 |
| 2021-11-19 | CVE-2021-3962 | Unspecified vulnerability in Imagemagick 7.1.014 A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. | 7.8 |
| 2021-09-13 | CVE-2021-39212 | Unspecified vulnerability in Imagemagick ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. | 3.6 |
| 2021-05-14 | CVE-2020-27769 | In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. | 3.3 |
| 2021-05-11 | CVE-2021-20309 | A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. | 7.5 |
| 2021-05-11 | CVE-2021-20310 | Unspecified vulnerability in Imagemagick A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. | 7.5 |
| 2021-05-11 | CVE-2021-20311 | Unspecified vulnerability in Imagemagick A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. | 7.5 |
| 2021-05-11 | CVE-2021-20312 | A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. | 7.5 |
| 2021-05-11 | CVE-2021-20313 | A flaw was found in ImageMagick in versions before 7.0.11. | 7.5 |