VulnerableCode Package Details - pkg:deb/ubuntu/graphicsmagick@1.4%2Breally1.3.32-1

Search for packages

Package details: pkg:deb/ubuntu/graphicsmagick@1.4%2Breally1.3.32-1

Essentials
History (0)

purl	pkg:deb/ubuntu/graphicsmagick@1.4%2Breally1.3.32-1

Next non-vulnerable version	1.4+really1.3.34+hg16181-1
Latest non-vulnerable version	1.4+really1.3.34+hg16181-1
Risk	4.4

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-57py-peab-aaab Aliases: CVE-2019-19951	In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.	1.4+really1.3.33+hg16115-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-cstx-zz61-aaac Aliases: CVE-2019-19950	In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.	1.4+really1.3.33+hg16115-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-mqm5-6qzb-aaaa Aliases: CVE-2020-10938	GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.	1.4+really1.3.34+hg16181-1 Affected by 0 other vulnerabilities.
VCID-w82e-2fr6-aaap Aliases: CVE-2019-19953	In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.	1.4+really1.3.34+hg16181-1 Affected by 0 other vulnerabilities.
VCID-ys7z-wtkj-aaaf Aliases: CVE-2019-12921	In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.	1.4+really1.3.33+hg16115-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (4)

Vulnerability	Summary	Aliases
VCID-13t8-37w3-aaaa	coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.	CVE-2019-11473
VCID-heje-u42k-aaab	coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.	CVE-2019-11474
VCID-j5d3-fc4u-aaad	In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.	CVE-2019-11506
VCID-n35h-bnx1-aaaa	In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.	CVE-2019-11505

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version