Search for packages
| purl | pkg:deb/debian/graphicsmagick@1.3.16-1.1 |
| Next non-vulnerable version | 1.4+really1.3.36+hg16481-2+deb11u1 |
| Latest non-vulnerable version | 1.4+really1.3.36+hg16481-2+deb11u1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1223-kpm6-2fh6
Aliases: CVE-2016-3714 |
Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-12mr-p56j-mbg2
Aliases: CVE-2016-7446 |
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317. |
Affected by 24 other vulnerabilities. |
|
VCID-15mv-khzp-fqfk
Aliases: CVE-2018-18544 |
ImageMagick: memory leak in WriteMSLImage of coders/msl.c |
Affected by 2 other vulnerabilities. |
|
VCID-1hfa-9cbc-yfch
Aliases: CVE-2017-14103 |
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403. |
Affected by 24 other vulnerabilities. |
|
VCID-1m2c-fyc2-2qf3
Aliases: CVE-2018-20185 |
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. |
Affected by 2 other vulnerabilities. |
|
VCID-1nhm-pwhd-pygh
Aliases: CVE-2016-5241 |
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. |
Affected by 24 other vulnerabilities. |
|
VCID-2a2h-yk41-qybt
Aliases: CVE-2017-13134 |
Multiple vulnerabilities have been found in ImageMagick, the worst of which may allow remote attackers to cause a Denial of Service condition. |
Affected by 24 other vulnerabilities. |
|
VCID-2e5h-jf8c-dudp
Aliases: CVE-2019-11473 |
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. |
Affected by 2 other vulnerabilities. |
|
VCID-2f66-aukm-nyb3
Aliases: CVE-2016-5240 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-35a9-mz4g-zkf2
Aliases: CVE-2016-2317 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-3gxd-j2ak-63hx
Aliases: CVE-2017-13066 |
GraphicsMagick: Memory leak in CloneImage function in magick/image.c |
Affected by 24 other vulnerabilities. |
|
VCID-3qad-mewf-8khz
Aliases: CVE-2019-7397 |
ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c |
Affected by 2 other vulnerabilities. |
|
VCID-3tbg-j6gv-9ub8
Aliases: CVE-2022-1270 |
Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-3uf9-ajrz-yfa4
Aliases: CVE-2017-12936 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-471x-bevu-duas
Aliases: CVE-2017-18229 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-4b2b-e9ug-hff2
Aliases: CVE-2017-11641 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-4cez-xrag-9khe
Aliases: CVE-2017-17783 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-4hvn-sg6y-s7bq
Aliases: CVE-2017-16352 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-4nsq-h8ab-5kcj
Aliases: CVE-2016-3715 |
Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-4pd9-uv1z-6qfx
Aliases: CVE-2019-11506 |
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c. |
Affected by 2 other vulnerabilities. |
|
VCID-4rmq-cwn8-ruac
Aliases: CVE-2013-4589 |
Multiple vulnerabilities have been found in GraphicsMagick, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. |
Affected by 112 other vulnerabilities. |
|
VCID-4zqu-dbmr-mkab
Aliases: CVE-2018-6799 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-57gy-x8vb-zqde
Aliases: CVE-2016-7996 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-5ce6-hsnh-5qe1
Aliases: CVE-2017-17782 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-5ejx-vfmd-7fh8
Aliases: CVE-2017-13648 |
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. |
Affected by 24 other vulnerabilities. |
|
VCID-5um7-kjwx-a7ft
Aliases: CVE-2020-21679 |
Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. |
Affected by 2 other vulnerabilities. |
|
VCID-67zs-1sfm-mbgn
Aliases: CVE-2018-5685 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-6hay-bjuv-nygd
Aliases: CVE-2017-15277 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-6te1-rqru-k3be
Aliases: CVE-2017-14994 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-756j-6ajn-zkcp
Aliases: CVE-2019-19953 |
security update |
Affected by 24 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-7868-hbyh-tkgf
Aliases: CVE-2017-11636 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-7fjy-7tv8-wqca
Aliases: CVE-2017-14042 |
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. |
Affected by 24 other vulnerabilities. |
|
VCID-7fmu-6e6q-r7hd
Aliases: CVE-2016-5118 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-7wrg-6pw1-nucx
Aliases: CVE-2016-5239 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-8fa4-9jsh-3bh9
Aliases: CVE-2016-3717 |
Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-8v9a-4t7e-9qax
Aliases: CVE-2017-13065 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-8x5y-ggze-bqbt
Aliases: CVE-2018-9018 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-9c6a-x7jz-kkf7
Aliases: CVE-2017-14649 |
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash). |
Affected by 24 other vulnerabilities. |
|
VCID-9en7-dh85-afac
Aliases: CVE-2017-14314 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-9mfa-959d-qqb7
Aliases: CVE-2017-11642 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-aafx-3f53-8bbd
Aliases: CVE-2017-17503 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-am38-b487-k7bn
Aliases: CVE-2018-20189 |
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. |
Affected by 2 other vulnerabilities. |
|
VCID-avrn-5876-z3ar
Aliases: CVE-2016-8684 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-bawx-uzgx-yfdh
Aliases: CVE-2017-13737 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-bh46-tx2w-8bfq
Aliases: CVE-2019-11005 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. |
Affected by 2 other vulnerabilities. |
|
VCID-c9cz-ebdv-t7eq
Aliases: CVE-2016-3718 |
Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-c9e3-p9my-9fhx
Aliases: CVE-2016-2318 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-cxs4-yude-jba3
Aliases: CVE-2019-11505 |
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c. |
Affected by 2 other vulnerabilities. |
|
VCID-e9bg-sduz-yyad
Aliases: CVE-2017-13147 |
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. |
Affected by 24 other vulnerabilities. |
|
VCID-ed2w-d1d6-euca
Aliases: CVE-2017-15930 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-ek9v-zmf4-u7aw
Aliases: CVE-2019-11010 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. |
Affected by 2 other vulnerabilities. |
|
VCID-epd6-xsva-17ea
Aliases: CVE-2014-1947 |
Multiple vulnerabilities have been discovered in ImageMagick, the worst of which could lead to arbitrary code execution. |
Affected by 112 other vulnerabilities. |
|
VCID-ezcj-2yaf-rfhh
Aliases: CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
Affected by 2 other vulnerabilities. |
|
VCID-f3xk-3ejx-7qcp
Aliases: CVE-2017-17500 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-fy8j-91z5-97br
Aliases: CVE-2017-17502 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-g8eh-fz9z-wkds
Aliases: CVE-2016-7800 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-genb-nzkn-zfhv
Aliases: CVE-2017-10800 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-h6c4-8nhd-bbcj
Aliases: CVE-2017-11139 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-hehq-89y2-9bgm
Aliases: CVE-2016-8683 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-hpze-7jwr-kffu
Aliases: CVE-2016-7997 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-hta8-4prr-auca
Aliases: CVE-2016-9830 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-ja1e-sy49-abad
Aliases: CVE-2017-17913 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-jhub-49ty-f3g2
Aliases: CVE-2017-17912 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-jvwd-1k5f-jbb8
Aliases: CVE-2017-13776 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-k5jd-24qt-aqc6
Aliases: CVE-2019-11009 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. |
Affected by 2 other vulnerabilities. |
|
VCID-kkum-yat8-23dc
Aliases: CVE-2017-10794 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-kuah-363n-fkf7
Aliases: CVE-2015-8808 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-m1ax-fcfs-r7a9
Aliases: CVE-2017-18230 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-m775-3xw6-f7a7
Aliases: CVE-2017-12935 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-m8uf-fcm6-z3ag
Aliases: CVE-2017-16545 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-mhba-w1g3-rfdm
Aliases: CVE-2017-16669 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-mqgj-96wb-3ka2
Aliases: CVE-2016-7448 |
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. |
Affected by 24 other vulnerabilities. |
|
VCID-mw2s-6zec-8ucb
Aliases: CVE-2019-11007 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. |
Affected by 2 other vulnerabilities. |
|
VCID-n7z7-zq3w-57cf
Aliases: CVE-2016-7449 |
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string. |
Affected by 24 other vulnerabilities. |
|
VCID-pure-cath-k7bd
Aliases: CVE-2016-8682 |
security update |
Affected by 112 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-q5su-zt4m-sqgx
Aliases: CVE-2014-8355 |
ImageMagick: out-of-bounds memory access in PCX parser |
Affected by 112 other vulnerabilities. |
|
VCID-q9kb-tjhv-6qcp
Aliases: CVE-2017-17498 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-qfut-6r5k-aqb6
Aliases: CVE-2017-14504 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-qh3z-vna7-87h2
Aliases: CVE-2019-12921 |
security update |
Affected by 24 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-qjb4-qzar-e7ew
Aliases: CVE-2017-12937 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-qjhw-tswt-m3ak
Aliases: CVE-2019-11008 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. |
Affected by 2 other vulnerabilities. |
|
VCID-qmwk-2tw3-cfet
Aliases: CVE-2017-11643 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-qtv6-ta8r-pka7
Aliases: CVE-2018-20184 |
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification. |
Affected by 2 other vulnerabilities. |
|
VCID-rh12-2196-ekcm
Aliases: CVE-2017-18220 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-rj8k-p2xg-6fcs
Aliases: CVE-2016-7447 |
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. |
Affected by 24 other vulnerabilities. |
|
VCID-rkkf-72ks-dqdk
Aliases: CVE-2017-10799 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-rv4b-qhdr-k7ex
Aliases: CVE-2017-11722 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-rzzk-7g6m-3yfp
Aliases: CVE-2017-9098 |
ImageMagick: use of uninitialized memory in RLE decoder |
Affected by 24 other vulnerabilities. |
|
VCID-s1qp-wtc6-2yg3
Aliases: CVE-2017-14733 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-s3a1-5mc6-rkd9
Aliases: CVE-2017-14165 |
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c. |
Affected by 24 other vulnerabilities. |
|
VCID-sg7b-evpj-9fdd
Aliases: CVE-2020-10938 |
security update |
Affected by 24 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-shfx-dyg4-eqch
Aliases: CVE-2017-14997 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-tayr-ecpz-hqb2
Aliases: CVE-2017-17915 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-tsrx-5ffb-wqeq
Aliases: CVE-2017-11140 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-u1jw-5g6t-dybd
Aliases: CVE-2017-13777 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-ujf2-gfn9-kfdz
Aliases: CVE-2017-17501 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-uvjy-tccq-bkhb
Aliases: CVE-2020-12672 |
Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-uwfv-j2mx-63gh
Aliases: CVE-2017-6335 |
ImageMagick: Heap out-of-bounds read in tiff.c |
Affected by 24 other vulnerabilities. |
|
VCID-uzcy-jrvp-suha
Aliases: CVE-2017-13775 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-v4yk-f1rh-efh3
Aliases: CVE-2019-19950 |
security update |
Affected by 24 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-vfmq-6c3d-tuf2
Aliases: CVE-2017-16547 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-vgcw-qt88-1ybz
Aliases: CVE-2017-11102 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-vvrj-f9uj-1bfy
Aliases: CVE-2017-13063 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-vw42-dhfh-77av
Aliases: CVE-2017-18219 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-wj7h-ers5-qfat
Aliases: CVE-2017-16353 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-wk4h-a1su-wfbh
Aliases: CVE-2016-3716 |
Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-wqrx-mq2z-7qfu
Aliases: CVE-2017-13064 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-wv7z-1hnd-suef
Aliases: CVE-2017-11403 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-wwqv-tpq5-dqgs
Aliases: CVE-2019-11474 |
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. |
Affected by 2 other vulnerabilities. |
|
VCID-xvve-pj82-mfh6
Aliases: CVE-2019-11006 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. |
Affected by 2 other vulnerabilities. |
|
VCID-ybrn-yhxe-nya8
Aliases: CVE-2017-18231 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-yyem-nstk-mubj
Aliases: CVE-2017-15238 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-z9nq-qa26-hfdj
Aliases: CVE-2017-11638 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-zc57-w3bt-qbdc
Aliases: CVE-2017-11637 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-zvjw-vzvx-6qab
Aliases: CVE-2019-19951 |
security update |
Affected by 24 other vulnerabilities. Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-refp-fu5m-n7at | The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. |
CVE-2012-3438
|