Search for packages
| purl | pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2 |
| Next non-vulnerable version | 1.4+really1.3.36+hg16481-2+deb11u1 |
| Latest non-vulnerable version | 1.4+really1.3.36+hg16481-2+deb11u1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3tbg-j6gv-9ub8
Aliases: CVE-2022-1270 |
Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-uvjy-tccq-bkhb
Aliases: CVE-2020-12672 |
Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-15mv-khzp-fqfk | ImageMagick: memory leak in WriteMSLImage of coders/msl.c |
CVE-2018-18544
|
| VCID-1m2c-fyc2-2qf3 | In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. |
CVE-2018-20185
|
| VCID-2e5h-jf8c-dudp | coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. |
CVE-2019-11473
|
| VCID-3qad-mewf-8khz | ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c |
CVE-2019-7397
|
| VCID-4pd9-uv1z-6qfx | In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c. |
CVE-2019-11506
|
| VCID-5um7-kjwx-a7ft | Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. |
CVE-2020-21679
|
| VCID-756j-6ajn-zkcp | security update |
CVE-2019-19953
|
| VCID-am38-b487-k7bn | In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. |
CVE-2018-20189
|
| VCID-bh46-tx2w-8bfq | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. |
CVE-2019-11005
|
| VCID-cxs4-yude-jba3 | In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c. |
CVE-2019-11505
|
| VCID-ek9v-zmf4-u7aw | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. |
CVE-2019-11010
|
| VCID-ezcj-2yaf-rfhh | ImageMagick: memory leak in coders/dps.c |
CVE-2019-16709
|
| VCID-k5jd-24qt-aqc6 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. |
CVE-2019-11009
|
| VCID-mw2s-6zec-8ucb | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. |
CVE-2019-11007
|
| VCID-qh3z-vna7-87h2 | security update |
CVE-2019-12921
|
| VCID-qjhw-tswt-m3ak | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. |
CVE-2019-11008
|
| VCID-qtv6-ta8r-pka7 | In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification. |
CVE-2018-20184
|
| VCID-sg7b-evpj-9fdd | security update |
CVE-2020-10938
|
| VCID-v4yk-f1rh-efh3 | security update |
CVE-2019-19950
|
| VCID-wwqv-tpq5-dqgs | coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. |
CVE-2019-11474
|
| VCID-xvve-pj82-mfh6 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. |
CVE-2019-11006
|
| VCID-zvjw-vzvx-6qab | security update |
CVE-2019-19951
|