VulnerableCode Package Details - pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1

Search for packages

Vulnerability	Summary	Fixed by
VCID-1cdn-zybc-qqhh Aliases: CVE-2025-27796	ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.	1.4+really1.3.40-4+deb12u1 Affected by 0 other vulnerabilities. 1.4+really1.3.45+hg17692-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-fump-ap5v-nqav Aliases: CVE-2025-27795	ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.	1.4+really1.3.40-4+deb12u1 Affected by 0 other vulnerabilities. 1.4+really1.3.45+hg17692-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-m4pp-xw4q-dkh4 Aliases: CVE-2025-32460	GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.	1.4+really1.3.40-4+deb12u1 Affected by 0 other vulnerabilities. 1.4+really1.3.45+hg17696-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1cdn-zybc-qqhh
Aliases:
CVE-2025-27796

ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.

1.4+really1.3.40-4+deb12u1
Affected by 0 other vulnerabilities.

1.4+really1.3.45+hg17692-1
Affected by 1 other vulnerability.

VCID-fump-ap5v-nqav
Aliases:
CVE-2025-27795

ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

1.4+really1.3.40-4+deb12u1
Affected by 0 other vulnerabilities.

1.4+really1.3.45+hg17692-1
Affected by 1 other vulnerability.

VCID-m4pp-xw4q-dkh4
Aliases:
CVE-2025-32460

GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.

1.4+really1.3.40-4+deb12u1
Affected by 0 other vulnerabilities.

1.4+really1.3.45+hg17696-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-66wt-3jvd-aaaa	GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.	CVE-2020-12672
VCID-jk6z-qg86-aaap	In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.	CVE-2022-1270

Vulnerability

Summary

Aliases

VCID-66wt-3jvd-aaaa

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

CVE-2020-12672

VCID-jk6z-qg86-aaap

In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.

CVE-2022-1270

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-22T15:50:20.867526+00:00	Debian Importer	Affected by	VCID-1cdn-zybc-qqhh	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-22T03:03:08.578801+00:00	Debian Importer	Affected by	VCID-m4pp-xw4q-dkh4	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-21T15:24:29.998981+00:00	Debian Oval Importer	Fixing	VCID-jk6z-qg86-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T08:16:10.968654+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	36.1.3
2025-06-21T06:43:10.660606+00:00	Debian Oval Importer	Fixing	VCID-jk6z-qg86-aaap	None	36.1.3
2025-06-21T05:08:37.401220+00:00	Debian Importer	Affected by	VCID-fump-ap5v-nqav	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-21T04:13:13.001918+00:00	Debian Oval Importer	Fixing	VCID-66wt-3jvd-aaaa	None	36.1.3
2025-06-08T12:07:16.171620+00:00	Debian Oval Importer	Fixing	VCID-66wt-3jvd-aaaa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T08:19:01.927115+00:00	Debian Oval Importer	Fixing	VCID-jk6z-qg86-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T00:22:39.693650+00:00	Debian Oval Importer	Fixing	VCID-jk6z-qg86-aaap	None	36.1.0
2025-06-07T21:49:04.253559+00:00	Debian Oval Importer	Fixing	VCID-66wt-3jvd-aaaa	None	36.1.0
2025-04-12T19:16:46.000472+00:00	Debian Oval Importer	Fixing	VCID-jk6z-qg86-aaap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T17:52:48.951583+00:00	Debian Oval Importer	Fixing	VCID-66wt-3jvd-aaaa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-10T05:36:21.527771+00:00	Debian Importer	Affected by	VCID-m4pp-xw4q-dkh4	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-08T06:50:23.557817+00:00	Debian Oval Importer	Fixing	VCID-jk6z-qg86-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T22:54:55.786085+00:00	Debian Oval Importer	Fixing	VCID-jk6z-qg86-aaap	None	36.0.0
2025-04-07T20:19:05.751214+00:00	Debian Oval Importer	Fixing	VCID-66wt-3jvd-aaaa	None	36.0.0
2025-04-06T09:04:39.704760+00:00	Debian Importer	Affected by	VCID-1cdn-zybc-qqhh	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-05T05:33:08.805570+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	36.0.0
2025-04-04T07:58:30.373328+00:00	Debian Importer	Affected by	VCID-fump-ap5v-nqav	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-02-20T14:05:13.665663+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	35.1.0
2024-11-23T07:07:59.604548+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	35.0.0
2024-10-10T05:31:10.766389+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	34.0.2
2024-09-19T12:16:04.567600+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	34.0.1
2024-04-25T09:37:06.151262+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	34.0.0rc4
2024-01-11T11:34:30.701878+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	34.0.0rc2
2024-01-04T21:26:30.746736+00:00	Debian Importer	Fixing	VCID-jk6z-qg86-aaap	None	34.0.0rc1