Vulnerabilities > Imagemagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-31 | CVE-2018-11624 | Use After Free vulnerability in Imagemagick 7.0.736 In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file. | 6.8 |
| 2018-05-18 | CVE-2018-11251 | Out-of-bounds Read vulnerability in Imagemagick In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file. | 4.3 |
| 2018-05-18 | CVE-2017-18272 | Use After Free vulnerability in Imagemagick In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call. | 4.3 |
| 2018-05-08 | CVE-2018-10805 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | 4.3 |
| 2018-05-08 | CVE-2018-10804 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. | 4.3 |
| 2018-04-16 | CVE-2018-10177 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. | 4.3 |
| 2018-03-30 | CVE-2018-9135 | Out-of-bounds Read vulnerability in Imagemagick 7.0.724 In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. | 6.8 |
| 2018-03-30 | CVE-2018-9133 | Excessive Iteration vulnerability in multiple products ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. | 4.3 |
| 2018-03-27 | CVE-2017-18254 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in ImageMagick 7.0.7. | 4.3 |
| 2018-03-27 | CVE-2017-18253 | NULL Pointer Dereference vulnerability in Imagemagick 7.0.7 An issue was discovered in ImageMagick 7.0.7. | 4.3 |