Search for packages
| purl | pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4 |
| Tags | Ghost |
| Next non-vulnerable version | 1.4+really1.3.40-4+deb12u1 |
| Latest non-vulnerable version | 1.4+really1.3.45+hg17696-1 |
| Risk | 1.9 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1cdn-zybc-qqhh
Aliases: CVE-2025-27796 |
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-fump-ap5v-nqav
Aliases: CVE-2025-27795 |
ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-m4pp-xw4q-dkh4
Aliases: CVE-2025-32460 |
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-04-10T05:36:21.534068+00:00 | Debian Importer | Affected by | VCID-m4pp-xw4q-dkh4 | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-06T09:04:39.710322+00:00 | Debian Importer | Affected by | VCID-1cdn-zybc-qqhh | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T07:58:30.391266+00:00 | Debian Importer | Affected by | VCID-fump-ap5v-nqav | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |