Search CVE reports
111 – 120 of 144 results
Some fixes available 2 of 6
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 2 of 3
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 1 of 6
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 11 of 16
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Fixed |
Some fixes available 11 of 16
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a...
2 affected packages
imagemagick, graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| imagemagick | — | — | — | Fixed |
| graphicsmagick | — | — | — | Not affected |
Some fixes available 3 of 13
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Not affected |