VulnerableCode Package Details - pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2

Search for packages

Package details: pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2

Essentials
History (29)

purl	pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2

Next non-vulnerable version	1.4+really1.3.36+hg16481-2+deb11u1
Latest non-vulnerable version	1.4+really1.3.36+hg16481-2+deb11u1
Risk	3.5

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-b577-vsed-9qar Aliases: CVE-2020-12672	GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.	1.4+really1.3.36+hg16481-2+deb11u1 Affected by 0 other vulnerabilities.
VCID-h4n2-becy-1bcr Aliases: CVE-2022-1270	In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.	1.4+really1.3.36+hg16481-2+deb11u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (22)

Vulnerability	Summary	Aliases
VCID-1fqp-p2k2-fkcb	In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.	CVE-2019-11006
VCID-2rzs-sh3g-y7cu	In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.	CVE-2018-20189
VCID-35av-smac-3ydp	In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.	CVE-2019-11010
VCID-8677-4f5t-qyfp	In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.	CVE-2019-11506
VCID-8ah9-4uh7-zqca	In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.	CVE-2019-19950
VCID-8kv1-b3x8-uqff	GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.	CVE-2020-10938
VCID-9z4q-mjxk-fbb4	ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.	CVE-2019-16709
VCID-a4yb-hm77-7bgc	Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.	CVE-2020-21679
VCID-b27q-mqxc-u3e3	In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.	CVE-2019-12921
VCID-cf5a-phww-muaa	In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.	CVE-2019-19951
VCID-cjxw-4tkx-57fc	There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.	CVE-2018-18544
VCID-dufk-krbw-zyaz	In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.	CVE-2019-11005
VCID-emsu-ggm4-cfgx	In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.	CVE-2019-7397
VCID-fntn-tj5w-pqbs	In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.	CVE-2019-19953
VCID-gf28-wcd2-1ba2	coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.	CVE-2019-11473
VCID-jk8u-6zza-3bb2	In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.	CVE-2018-20184
VCID-nawq-r66d-57cu	In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.	CVE-2019-11008
VCID-puvv-3zyz-vycf	coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.	CVE-2019-11474
VCID-qx81-5pqz-5yc4	In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.	CVE-2019-11505
VCID-udaf-5ex7-n7hh	In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.	CVE-2018-20185
VCID-xq3y-ra8t-wket	In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.	CVE-2019-11009
VCID-yrzc-5zar-a7f4	In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.	CVE-2019-11007

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T20:04:29.620664+00:00	Debian Oval Importer	Fixing	VCID-cjxw-4tkx-57fc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T20:00:23.347338+00:00	Debian Oval Importer	Fixing	VCID-dufk-krbw-zyaz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:39:36.228143+00:00	Debian Oval Importer	Fixing	VCID-udaf-5ex7-n7hh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:25:34.790794+00:00	Debian Oval Importer	Fixing	VCID-nawq-r66d-57cu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:44:56.598193+00:00	Debian Oval Importer	Fixing	VCID-gf28-wcd2-1ba2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:35:22.316832+00:00	Debian Oval Importer	Fixing	VCID-b27q-mqxc-u3e3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:06:18.296152+00:00	Debian Oval Importer	Fixing	VCID-1fqp-p2k2-fkcb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:57:38.494866+00:00	Debian Oval Importer	Fixing	VCID-cf5a-phww-muaa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:46:46.887916+00:00	Debian Oval Importer	Fixing	VCID-35av-smac-3ydp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:40:56.006529+00:00	Debian Oval Importer	Fixing	VCID-8ah9-4uh7-zqca	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:06:12.614448+00:00	Debian Oval Importer	Fixing	VCID-emsu-ggm4-cfgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:23:24.896022+00:00	Debian Oval Importer	Fixing	VCID-fntn-tj5w-pqbs	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:15:58.262648+00:00	Debian Oval Importer	Fixing	VCID-puvv-3zyz-vycf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:45:04.098624+00:00	Debian Oval Importer	Affected by	VCID-h4n2-becy-1bcr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:28:40.166591+00:00	Debian Oval Importer	Fixing	VCID-yrzc-5zar-a7f4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:23:00.531219+00:00	Debian Oval Importer	Fixing	VCID-qx81-5pqz-5yc4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:40:19.790948+00:00	Debian Oval Importer	Fixing	VCID-xq3y-ra8t-wket	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:05:57.684832+00:00	Debian Oval Importer	Fixing	VCID-8kv1-b3x8-uqff	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:05:28.193528+00:00	Debian Oval Importer	Fixing	VCID-9z4q-mjxk-fbb4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:52:44.666221+00:00	Debian Oval Importer	Affected by	VCID-b577-vsed-9qar	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:31:16.186934+00:00	Debian Oval Importer	Fixing	VCID-2rzs-sh3g-y7cu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:28:47.706511+00:00	Debian Oval Importer	Fixing	VCID-jk8u-6zza-3bb2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:07:18.779734+00:00	Debian Oval Importer	Fixing	VCID-8677-4f5t-qyfp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:55:18.670666+00:00	Debian Oval Importer	Fixing	VCID-a4yb-hm77-7bgc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T11:30:31.218859+00:00	Debian Oval Importer	Fixing	VCID-cf5a-phww-muaa	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T11:28:36.626212+00:00	Debian Oval Importer	Fixing	VCID-b27q-mqxc-u3e3	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T11:23:31.275596+00:00	Debian Oval Importer	Fixing	VCID-fntn-tj5w-pqbs	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T11:21:44.745055+00:00	Debian Oval Importer	Fixing	VCID-8ah9-4uh7-zqca	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0
2025-08-01T11:20:45.572976+00:00	Debian Oval Importer	Fixing	VCID-8kv1-b3x8-uqff	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	37.0.0