Vulnerabilities > Imagemagick > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2021-20310 | Divide By Zero vulnerability in Imagemagick A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. | 7.8 |
| 2021-05-11 | CVE-2021-20311 | Divide By Zero vulnerability in Imagemagick A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. | 7.8 |
| 2021-05-11 | CVE-2021-20312 | A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. | 7.5 |
| 2021-05-11 | CVE-2021-20313 | A flaw was found in ImageMagick in versions before 7.0.11. | 7.5 |
| 2020-12-08 | CVE-2020-27752 | Heap-based Buffer Overflow vulnerability in Imagemagick A flaw was found in ImageMagick in MagickCore/quantum-private.h. | 7.1 |
| 2020-12-07 | CVE-2020-29599 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. | 7.8 |
| 2020-12-04 | CVE-2020-27766 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/statistic.c. | 7.8 |
| 2020-11-20 | CVE-2020-19667 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7. | 7.8 |
| 2019-12-24 | CVE-2019-19952 | Use After Free vulnerability in Imagemagick In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | 7.5 |
| 2019-10-14 | CVE-2019-17540 | Out-of-bounds Write vulnerability in multiple products ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. | 8.8 |