Vulnerabilities > Imagemagick > Low

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-39978 Memory Leak vulnerability in multiple products
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
local
low complexity
imagemagick fedoraproject CWE-401
3.3
2022-08-26 CVE-2021-3574 Memory Leak vulnerability in multiple products
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.
local
low complexity
imagemagick fedoraproject CWE-401
3.3
2021-09-13 CVE-2021-39212 Exposure of Resource to Wrong Sphere vulnerability in Imagemagick
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications.
local
high complexity
imagemagick CWE-668
3.6
2021-05-14 CVE-2020-27769 Integer Overflow or Wraparound vulnerability in multiple products
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
local
low complexity
imagemagick redhat fedoraproject CWE-190
3.3
2021-02-23 CVE-2020-27768 Integer Overflow or Wraparound vulnerability in multiple products
In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-08 CVE-2020-25675 Integer Overflow or Wraparound vulnerability in multiple products
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-08 CVE-2020-27751 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in ImageMagick in MagickCore/quantum-export.c.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-08 CVE-2020-27754 Integer Overflow or Wraparound vulnerability in multiple products
In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-08 CVE-2020-27757 Integer Overflow or Wraparound vulnerability in multiple products
A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-08 CVE-2020-27758 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in ImageMagick in coders/txt.c.
local
low complexity
imagemagick debian CWE-190
3.3