Vulnerabilities > Imagemagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-20 | CVE-2018-14434 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. | 6.5 |
| 2018-07-05 | CVE-2018-13153 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. | 6.5 |
| 2018-06-01 | CVE-2018-11656 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file. | 6.5 |
| 2018-06-01 | CVE-2018-11655 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file. | 6.5 |
| 2018-05-18 | CVE-2018-11251 | Out-of-bounds Read vulnerability in Imagemagick In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file. | 6.5 |
| 2018-05-18 | CVE-2017-18273 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | 6.5 |
| 2018-05-18 | CVE-2017-18272 | Use After Free vulnerability in Imagemagick In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call. | 6.5 |
| 2018-05-18 | CVE-2017-18271 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | 6.5 |
| 2018-05-08 | CVE-2018-10805 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | 6.5 |
| 2018-05-08 | CVE-2018-10804 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. | 6.5 |