Vulnerabilities > Imagemagick > Low

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-39978 Memory Leak vulnerability in multiple products
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
local
low complexity
imagemagick fedoraproject CWE-401
3.3
2022-08-26 CVE-2021-3574 Memory Leak vulnerability in multiple products
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.
local
low complexity
imagemagick fedoraproject CWE-401
3.3
2021-09-13 CVE-2021-39212 Unspecified vulnerability in Imagemagick
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications.
local
high complexity
imagemagick
3.6
2021-05-14 CVE-2020-27769 In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
local
low complexity
imagemagick redhat fedoraproject
3.3
2021-02-23 CVE-2020-27768 In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h.
local
low complexity
imagemagick debian
3.3
2020-12-08 CVE-2020-25675 In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer.
local
low complexity
imagemagick debian
3.3
2020-12-08 CVE-2020-27751 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in ImageMagick in MagickCore/quantum-export.c.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-08 CVE-2020-27754 In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file.
local
low complexity
imagemagick debian
3.3
2020-12-08 CVE-2020-27755 Unspecified vulnerability in Imagemagick
in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size.
local
low complexity
imagemagick
3.3
2020-12-08 CVE-2020-27757 A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long.
local
low complexity
imagemagick debian
3.3