Search for packages
| purl | pkg:deb/debian/graphicsmagick@1.3.30%2Bhg15796-1~deb9u4 |
| Next non-vulnerable version | 1.4+really1.3.36+hg16481-2+deb11u1 |
| Latest non-vulnerable version | 1.4+really1.3.36+hg16481-2+deb11u1 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-15mv-khzp-fqfk
Aliases: CVE-2018-18544 |
ImageMagick: memory leak in WriteMSLImage of coders/msl.c |
Affected by 2 other vulnerabilities. |
|
VCID-1m2c-fyc2-2qf3
Aliases: CVE-2018-20185 |
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. |
Affected by 2 other vulnerabilities. |
|
VCID-2e5h-jf8c-dudp
Aliases: CVE-2019-11473 |
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. |
Affected by 2 other vulnerabilities. |
|
VCID-3qad-mewf-8khz
Aliases: CVE-2019-7397 |
ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c |
Affected by 2 other vulnerabilities. |
|
VCID-3tbg-j6gv-9ub8
Aliases: CVE-2022-1270 |
Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-4pd9-uv1z-6qfx
Aliases: CVE-2019-11506 |
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c. |
Affected by 2 other vulnerabilities. |
|
VCID-5um7-kjwx-a7ft
Aliases: CVE-2020-21679 |
Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. |
Affected by 2 other vulnerabilities. |
|
VCID-756j-6ajn-zkcp
Aliases: CVE-2019-19953 |
security update |
Affected by 2 other vulnerabilities. |
|
VCID-am38-b487-k7bn
Aliases: CVE-2018-20189 |
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. |
Affected by 2 other vulnerabilities. |
|
VCID-bh46-tx2w-8bfq
Aliases: CVE-2019-11005 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. |
Affected by 2 other vulnerabilities. |
|
VCID-cxs4-yude-jba3
Aliases: CVE-2019-11505 |
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c. |
Affected by 2 other vulnerabilities. |
|
VCID-ek9v-zmf4-u7aw
Aliases: CVE-2019-11010 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. |
Affected by 2 other vulnerabilities. |
|
VCID-ezcj-2yaf-rfhh
Aliases: CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
Affected by 2 other vulnerabilities. |
|
VCID-k5jd-24qt-aqc6
Aliases: CVE-2019-11009 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. |
Affected by 2 other vulnerabilities. |
|
VCID-mw2s-6zec-8ucb
Aliases: CVE-2019-11007 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. |
Affected by 2 other vulnerabilities. |
|
VCID-qh3z-vna7-87h2
Aliases: CVE-2019-12921 |
security update |
Affected by 2 other vulnerabilities. |
|
VCID-qjhw-tswt-m3ak
Aliases: CVE-2019-11008 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. |
Affected by 2 other vulnerabilities. |
|
VCID-qtv6-ta8r-pka7
Aliases: CVE-2018-20184 |
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification. |
Affected by 2 other vulnerabilities. |
|
VCID-sg7b-evpj-9fdd
Aliases: CVE-2020-10938 |
security update |
Affected by 2 other vulnerabilities. |
|
VCID-uvjy-tccq-bkhb
Aliases: CVE-2020-12672 |
Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-v4yk-f1rh-efh3
Aliases: CVE-2019-19950 |
security update |
Affected by 2 other vulnerabilities. |
|
VCID-wwqv-tpq5-dqgs
Aliases: CVE-2019-11474 |
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. |
Affected by 2 other vulnerabilities. |
|
VCID-xvve-pj82-mfh6
Aliases: CVE-2019-11006 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. |
Affected by 2 other vulnerabilities. |
|
VCID-zvjw-vzvx-6qab
Aliases: CVE-2019-19951 |
security update |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1223-kpm6-2fh6 | Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2016-3714
|
| VCID-12mr-p56j-mbg2 | Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317. |
CVE-2016-7446
|
| VCID-1hfa-9cbc-yfch | The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403. |
CVE-2017-14103
|
| VCID-1nhm-pwhd-pygh | magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. |
CVE-2016-5241
|
| VCID-2a2h-yk41-qybt | Multiple vulnerabilities have been found in ImageMagick, the worst of which may allow remote attackers to cause a Denial of Service condition. |
CVE-2017-13134
|
| VCID-2f66-aukm-nyb3 | security update |
CVE-2016-5240
|
| VCID-35a9-mz4g-zkf2 | security update |
CVE-2016-2317
|
| VCID-3gxd-j2ak-63hx | GraphicsMagick: Memory leak in CloneImage function in magick/image.c |
CVE-2017-13066
|
| VCID-3uf9-ajrz-yfa4 | security update |
CVE-2017-12936
|
| VCID-471x-bevu-duas | security update |
CVE-2017-18229
|
| VCID-4b2b-e9ug-hff2 | security update |
CVE-2017-11641
|
| VCID-4cez-xrag-9khe | security update |
CVE-2017-17783
|
| VCID-4hvn-sg6y-s7bq | security update |
CVE-2017-16352
|
| VCID-4nsq-h8ab-5kcj | Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2016-3715
|
| VCID-4zqu-dbmr-mkab | security update |
CVE-2018-6799
|
| VCID-57gy-x8vb-zqde | security update |
CVE-2016-7996
|
| VCID-5ce6-hsnh-5qe1 | security update |
CVE-2017-17782
|
| VCID-5ejx-vfmd-7fh8 | In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. |
CVE-2017-13648
|
| VCID-67zs-1sfm-mbgn | security update |
CVE-2018-5685
|
| VCID-6hay-bjuv-nygd | security update |
CVE-2017-15277
|
| VCID-6te1-rqru-k3be | security update |
CVE-2017-14994
|
| VCID-756j-6ajn-zkcp | security update |
CVE-2019-19953
|
| VCID-7868-hbyh-tkgf | security update |
CVE-2017-11636
|
| VCID-7fjy-7tv8-wqca | A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. |
CVE-2017-14042
|
| VCID-7fmu-6e6q-r7hd | security update |
CVE-2016-5118
|
| VCID-7wrg-6pw1-nucx | security update |
CVE-2016-5239
|
| VCID-8fa4-9jsh-3bh9 | Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2016-3717
|
| VCID-8v9a-4t7e-9qax | security update |
CVE-2017-13065
|
| VCID-8x5y-ggze-bqbt | security update |
CVE-2018-9018
|
| VCID-9c6a-x7jz-kkf7 | ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash). |
CVE-2017-14649
|
| VCID-9en7-dh85-afac | security update |
CVE-2017-14314
|
| VCID-9mfa-959d-qqb7 | security update |
CVE-2017-11642
|
| VCID-aafx-3f53-8bbd | security update |
CVE-2017-17503
|
| VCID-avrn-5876-z3ar | security update |
CVE-2016-8684
|
| VCID-bawx-uzgx-yfdh | security update |
CVE-2017-13737
|
| VCID-c9cz-ebdv-t7eq | Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2016-3718
|
| VCID-c9e3-p9my-9fhx | security update |
CVE-2016-2318
|
| VCID-e9bg-sduz-yyad | In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. |
CVE-2017-13147
|
| VCID-ed2w-d1d6-euca | security update |
CVE-2017-15930
|
| VCID-f3xk-3ejx-7qcp | security update |
CVE-2017-17500
|
| VCID-fy8j-91z5-97br | security update |
CVE-2017-17502
|
| VCID-g8eh-fz9z-wkds | security update |
CVE-2016-7800
|
| VCID-genb-nzkn-zfhv | security update |
CVE-2017-10800
|
| VCID-h6c4-8nhd-bbcj | security update |
CVE-2017-11139
|
| VCID-hehq-89y2-9bgm | security update |
CVE-2016-8683
|
| VCID-hpze-7jwr-kffu | security update |
CVE-2016-7997
|
| VCID-hta8-4prr-auca | security update |
CVE-2016-9830
|
| VCID-ja1e-sy49-abad | security update |
CVE-2017-17913
|
| VCID-jhub-49ty-f3g2 | security update |
CVE-2017-17912
|
| VCID-jvwd-1k5f-jbb8 | security update |
CVE-2017-13776
|
| VCID-kkum-yat8-23dc | security update |
CVE-2017-10794
|
| VCID-kuah-363n-fkf7 | security update |
CVE-2015-8808
|
| VCID-m1ax-fcfs-r7a9 | security update |
CVE-2017-18230
|
| VCID-m775-3xw6-f7a7 | security update |
CVE-2017-12935
|
| VCID-m8uf-fcm6-z3ag | security update |
CVE-2017-16545
|
| VCID-mhba-w1g3-rfdm | security update |
CVE-2017-16669
|
| VCID-mqgj-96wb-3ka2 | The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. |
CVE-2016-7448
|
| VCID-n7z7-zq3w-57cf | The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string. |
CVE-2016-7449
|
| VCID-pure-cath-k7bd | security update |
CVE-2016-8682
|
| VCID-q9kb-tjhv-6qcp | security update |
CVE-2017-17498
|
| VCID-qfut-6r5k-aqb6 | security update |
CVE-2017-14504
|
| VCID-qh3z-vna7-87h2 | security update |
CVE-2019-12921
|
| VCID-qjb4-qzar-e7ew | security update |
CVE-2017-12937
|
| VCID-qmwk-2tw3-cfet | security update |
CVE-2017-11643
|
| VCID-rh12-2196-ekcm | security update |
CVE-2017-18220
|
| VCID-rj8k-p2xg-6fcs | Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. |
CVE-2016-7447
|
| VCID-rkkf-72ks-dqdk | security update |
CVE-2017-10799
|
| VCID-rv4b-qhdr-k7ex | security update |
CVE-2017-11722
|
| VCID-rzzk-7g6m-3yfp | ImageMagick: use of uninitialized memory in RLE decoder |
CVE-2017-9098
|
| VCID-s1qp-wtc6-2yg3 | security update |
CVE-2017-14733
|
| VCID-s3a1-5mc6-rkd9 | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c. |
CVE-2017-14165
|
| VCID-sg7b-evpj-9fdd | security update |
CVE-2020-10938
|
| VCID-shfx-dyg4-eqch | security update |
CVE-2017-14997
|
| VCID-tayr-ecpz-hqb2 | security update |
CVE-2017-17915
|
| VCID-tsrx-5ffb-wqeq | security update |
CVE-2017-11140
|
| VCID-u1jw-5g6t-dybd | security update |
CVE-2017-13777
|
| VCID-ujf2-gfn9-kfdz | security update |
CVE-2017-17501
|
| VCID-uwfv-j2mx-63gh | ImageMagick: Heap out-of-bounds read in tiff.c |
CVE-2017-6335
|
| VCID-uzcy-jrvp-suha | security update |
CVE-2017-13775
|
| VCID-v4yk-f1rh-efh3 | security update |
CVE-2019-19950
|
| VCID-vfmq-6c3d-tuf2 | security update |
CVE-2017-16547
|
| VCID-vgcw-qt88-1ybz | security update |
CVE-2017-11102
|
| VCID-vvrj-f9uj-1bfy | security update |
CVE-2017-13063
|
| VCID-vw42-dhfh-77av | security update |
CVE-2017-18219
|
| VCID-wj7h-ers5-qfat | security update |
CVE-2017-16353
|
| VCID-wk4h-a1su-wfbh | Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2016-3716
|
| VCID-wqrx-mq2z-7qfu | security update |
CVE-2017-13064
|
| VCID-wv7z-1hnd-suef | security update |
CVE-2017-11403
|
| VCID-ybrn-yhxe-nya8 | security update |
CVE-2017-18231
|
| VCID-yyem-nstk-mubj | security update |
CVE-2017-15238
|
| VCID-z9nq-qa26-hfdj | security update |
CVE-2017-11638
|
| VCID-zc57-w3bt-qbdc | security update |
CVE-2017-11637
|
| VCID-zvjw-vzvx-6qab | security update |
CVE-2019-19951
|