Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Graphicsmagick Subscribe
Filtered by product Graphicsmagick
Total 117 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-13775 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-10-02 7.1 HIGH 6.5 MEDIUM
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.
CVE-2017-11140 1 Graphicsmagick 1 Graphicsmagick 2019-10-02 7.1 HIGH 5.5 MEDIUM
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.
CVE-2017-14733 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-13648 1 Graphicsmagick 1 Graphicsmagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
CVE-2017-18219 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
CVE-2018-18544 3 Graphicsmagick, Imagemagick, Opensuse 3 Graphicsmagick, Imagemagick, Leap 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
CVE-2017-12937 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-10-02 6.8 MEDIUM 8.8 HIGH
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.
CVE-2018-5685 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
CVE-2017-13066 1 Graphicsmagick 1 Graphicsmagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
CVE-2017-14649 1 Graphicsmagick 1 Graphicsmagick 2019-10-02 4.3 MEDIUM 5.5 MEDIUM
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).
CVE-2017-13736 1 Graphicsmagick 1 Graphicsmagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
CVE-2017-17503 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 6.8 MEDIUM 8.8 HIGH
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
CVE-2017-12935 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 6.8 MEDIUM 8.8 HIGH
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
CVE-2017-12936 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 6.8 MEDIUM 8.8 HIGH
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.
CVE-2017-13063 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 4.3 MEDIUM 6.5 MEDIUM
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
CVE-2017-13737 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 4.3 MEDIUM 6.5 MEDIUM
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
CVE-2017-14504 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 4.3 MEDIUM 6.5 MEDIUM
ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.
CVE-2017-14994 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 4.3 MEDIUM 6.5 MEDIUM
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.
CVE-2017-14997 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 7.1 HIGH 6.5 MEDIUM
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
CVE-2017-15238 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-06-29 6.8 MEDIUM 8.8 HIGH
ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.