MidnightBSD

Advisories for graphicsmagick

CVE-2005-0005 HIGH

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gentoo linux 1.1a
imagemagick imagemagick 6.0.5
imagemagick imagemagick 6.1.5
suse suse_linux 8.2
imagemagick imagemagick 5.4.7
sgi propack 3.0
graphicsmagick graphicsmagick 1.1.3
imagemagick imagemagick 5.4.3
gentoo linux 0.5
suse suse_linux 8.1
imagemagick imagemagick 6.1.7
suse suse_linux 9.2
imagemagick imagemagick 6.0.2
imagemagick imagemagick 6.0.2.5
imagemagick imagemagick 5.3.3
debian debian_linux 3.0
imagemagick imagemagick 6.0.8
imagemagick imagemagick 6.0.3
imagemagick imagemagick 6.1.2
imagemagick imagemagick 6.2
graphicsmagick graphicsmagick 1.0
suse suse_linux 9.1
graphicsmagick graphicsmagick 1.0.6
imagemagick imagemagick 6.2.0.4
imagemagick imagemagick 6.1.4
gentoo linux 1.2
imagemagick imagemagick 6.1.1.6
imagemagick imagemagick 6.1.3
imagemagick imagemagick 6.1.6
imagemagick imagemagick 6.0.1
imagemagick imagemagick 6.0.4
graphicsmagick graphicsmagick 1.1.4
suse suse_linux 8.0
gentoo linux 0.7
imagemagick imagemagick 6.2.0.7
imagemagick imagemagick 6.0.7
imagemagick imagemagick 6.1
suse suse_linux 9.0
imagemagick imagemagick 6.0
gentoo linux 1.4
imagemagick imagemagick 6.0.6
graphicsmagick graphicsmagick 1.1
CVE-2005-1275 MEDIUM

Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
imagemagick imagemagick 6.0.5
graphicsmagick graphicsmagick 1.1.5
imagemagick imagemagick 6.1.5
imagemagick imagemagick 6.2.1
graphicsmagick graphicsmagick 1.1.3
imagemagick imagemagick 6.1.7
imagemagick imagemagick 6.0.2
imagemagick imagemagick 6.0.2.5
imagemagick imagemagick 6.0.8
imagemagick imagemagick 6.0.3
imagemagick imagemagick 6.1.2
imagemagick imagemagick 6.2
graphicsmagick graphicsmagick 1.0
graphicsmagick graphicsmagick 1.0.6
imagemagick imagemagick 6.2.0.4
imagemagick imagemagick 6.1.4
imagemagick imagemagick 6.1.1.6
imagemagick imagemagick 6.1.3
imagemagick imagemagick 6.1.6
imagemagick imagemagick 6.0.1
imagemagick imagemagick 6.0.4
graphicsmagick graphicsmagick 1.1.4
imagemagick imagemagick 6.2.0.7
imagemagick imagemagick 6.0.7
imagemagick imagemagick 6.1
imagemagick imagemagick 6.0
imagemagick imagemagick 6.0.6
graphicsmagick graphicsmagick 1.1
imagemagick imagemagick 6.1.8
CVE-2005-1739 MEDIUM

The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
imagemagick imagemagick 6.0.5
imagemagick imagemagick 5.3.8
graphicsmagick graphicsmagick 1.1.5
imagemagick imagemagick 6.1.5
graphicsmagick graphicsmagick 1.1.6
imagemagick imagemagick 5.4.7
imagemagick imagemagick 5.5.4
imagemagick imagemagick 5.5.6.0_2003-04-09
imagemagick imagemagick 5.4.8.2.1.1.0
imagemagick imagemagick 6.2.2
imagemagick imagemagick 6.2.1
graphicsmagick graphicsmagick 1.1.3
imagemagick imagemagick 5.4.3
imagemagick imagemagick 5.4.4.5
imagemagick imagemagick 5.5.6
imagemagick imagemagick 6.1.7
imagemagick imagemagick 6.0.2
imagemagick imagemagick 6.0.2.5
imagemagick imagemagick 5.3.3
imagemagick imagemagick 6.0.8
imagemagick imagemagick 6.0.3
imagemagick imagemagick 6.1.2
imagemagick imagemagick 6.2
graphicsmagick graphicsmagick 1.0
imagemagick imagemagick 5.5.7
graphicsmagick graphicsmagick 1.0.6
imagemagick imagemagick 5.5.3.2.1.2.0
imagemagick imagemagick 6.2.0.4
imagemagick imagemagick 6.1.4
imagemagick imagemagick 5.4.8
imagemagick imagemagick 6.1.1.6
imagemagick imagemagick 6.1.3
imagemagick imagemagick 6.1.6
imagemagick imagemagick 6.0.1
imagemagick imagemagick 6.0.4
graphicsmagick graphicsmagick 1.1.4
imagemagick imagemagick 6.2.0.7
imagemagick imagemagick 6.0.7
imagemagick imagemagick 6.1
imagemagick imagemagick 6.0
imagemagick imagemagick 6.0.6
graphicsmagick graphicsmagick 1.1
imagemagick imagemagick 6.1.8
CVE-2013-4589 MEDIUM

The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.1.9
graphicsmagick graphicsmagick 1.1.5
graphicsmagick graphicsmagick *
graphicsmagick graphicsmagick 1.0.5
graphicsmagick graphicsmagick 1.2.2
graphicsmagick graphicsmagick 1.1.6
graphicsmagick graphicsmagick 1.3.8
graphicsmagick graphicsmagick 1.1.2
graphicsmagick graphicsmagick 1.2.1
graphicsmagick graphicsmagick 1.2.5
graphicsmagick graphicsmagick 1.2.7
fedoraproject fedora 18
graphicsmagick graphicsmagick 1.3.10
graphicsmagick graphicsmagick 1.1.3
graphicsmagick graphicsmagick 1.1.11
graphicsmagick graphicsmagick 1.2.18
novell suse_studio_onsite 1.3
novell suse_linux_enterprise_debuginfo 11
graphicsmagick graphicsmagick 1.2.4
graphicsmagick graphicsmagick 1.0.2
graphicsmagick graphicsmagick 1.2.3
graphicsmagick graphicsmagick 1.1.7
graphicsmagick graphicsmagick 1.0
graphicsmagick graphicsmagick 1.1.1
graphicsmagick graphicsmagick 1.2.6
graphicsmagick graphicsmagick 1.1.8
graphicsmagick graphicsmagick 1.0.6
graphicsmagick graphicsmagick 1.3.14
graphicsmagick graphicsmagick 1.3.9
graphicsmagick graphicsmagick 1.0.3
graphicsmagick graphicsmagick 1.1.4
graphicsmagick graphicsmagick 1.1.14
graphicsmagick graphicsmagick 1.1.13
graphicsmagick graphicsmagick 1.0.4
graphicsmagick graphicsmagick 1.1.10
graphicsmagick graphicsmagick 1.0.1
graphicsmagick graphicsmagick 1.3.16
novell suse_linux_enterprise_software_development_kit 11.0
graphicsmagick graphicsmagick 1.3.12
graphicsmagick graphicsmagick 1.3.15
graphicsmagick graphicsmagick 1.1.12
graphicsmagick graphicsmagick 1.3.11
graphicsmagick graphicsmagick 1.1
graphicsmagick graphicsmagick 1.3.13
CVE-2015-8808 MEDIUM

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse linux_enterprise_debuginfo 11
graphicsmagick graphicsmagick *
suse linux_enterprise_software_development_kit 11
suse studio_onsite 1.3
fedoraproject fedora 22
CVE-2016-2317 MEDIUM

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.23
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
opensuse leap 42.1
suse studio_onsite 1.3
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-2318 MEDIUM

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.23
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
opensuse leap 42.1
suse studio_onsite 1.3
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-5118 HIGH

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 12
graphicsmagick graphicsmagick *
canonical ubuntu_linux 16.04
debian debian_linux 8.0
imagemagick imagemagick -
suse linux_enterprise_server 12.0
canonical ubuntu_linux 15.10
oracle linux 7
suse linux_enterprise_desktop 12.0
opensuse opensuse 13.2
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 11
oracle linux 6
oracle solaris 11.3
opensuse leap 42.1
canonical ubuntu_linux 14.04
suse linux_enterprise_workstation_extension 12
oracle solaris 10
suse studio_onsite 1.3
imagemagick imagemagick *
suse linux_enterprise_software_development_kit 12.0
suse linux_enterprise_server 12
CVE-2016-5240 MEDIUM

The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
CVE-2016-5241 MEDIUM

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-7446 HIGH

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse leap 42.1
debian debian_linux 8.0
graphicsmagick graphicsmagick 1.3.24
opensuse opensuse 13.2
CVE-2016-7447 HIGH

Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-7448 HIGH

The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-7449 MEDIUM

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 42.1
debian debian_linux 8.0
graphicsmagick graphicsmagick 1.3.24
opensuse opensuse 13.2
CVE-2016-7800 MEDIUM

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-191,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-7996 HIGH

Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
CVE-2016-7997 MEDIUM

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
CVE-2016-8682 MEDIUM

The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 8.0
opensuse opensuse 13.2
graphicsmagick graphicsmagick 1.3.25
CVE-2016-8683 MEDIUM

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 8.0
opensuse opensuse 13.2
graphicsmagick graphicsmagick 1.3.25
CVE-2016-8684 MEDIUM

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 8.0
opensuse opensuse 13.2
graphicsmagick graphicsmagick 1.3.25
CVE-2016-9830 MEDIUM

The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
opensuse leap 42.1
debian debian_linux 8.0
opensuse leap 42.2
opensuse opensuse 13.2
graphicsmagick graphicsmagick 1.3.25
CVE-2017-10794 MEDIUM

When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.25
CVE-2017-10799 MEDIUM

When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.25
CVE-2017-10800 MEDIUM

When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.25
CVE-2017-11102 MEDIUM

The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11139 HIGH

GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-415,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
CVE-2017-11140 HIGH

The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,CWE-755,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11403 MEDIUM

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11636 HIGH

GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11637 HIGH

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11638 MEDIUM

GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11641 HIGH

GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-772,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11642 MEDIUM

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11643 HIGH

GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-11722 MEDIUM

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-12935 MEDIUM

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-12936 MEDIUM

The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-12937 MEDIUM

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-13063 MEDIUM

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-13064 MEDIUM

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-13065 MEDIUM

GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-13066 MEDIUM

GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-772,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-13147 MEDIUM

In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-13648 MEDIUM

In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-772,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-13736 MEDIUM

There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-772,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-13737 MEDIUM

There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-13775 HIGH

GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-13776 HIGH

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-834,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-13777 HIGH

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-834,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-14042 MEDIUM

A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-14103 MEDIUM

The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-14165 MEDIUM

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-14314 MEDIUM

Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-14504 MEDIUM

ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-14649 MEDIUM

ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-14733 MEDIUM

ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-14994 MEDIUM

ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-14997 HIGH

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-15238 MEDIUM

ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
CVE-2017-15277 MEDIUM

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
imagemagick imagemagick 7.0.6-1
CVE-2017-15930 MEDIUM

In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-16352 MEDIUM

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-16353 MEDIUM

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-200,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-16545 MEDIUM

The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-16547 MEDIUM

The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-16669 MEDIUM

coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-17498 MEDIUM

WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-17500 MEDIUM

ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-17501 MEDIUM

WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-17502 MEDIUM

ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-17503 MEDIUM

ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-17782 MEDIUM

In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.27a
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-17783 MEDIUM

In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.27a
debian debian_linux 9.0
CVE-2017-17912 MEDIUM

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.27
debian debian_linux 7.0
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-17913 MEDIUM

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.27
debian debian_linux 9.0
CVE-2017-17915 MEDIUM

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.27
debian debian_linux 7.0
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-18219 MEDIUM

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-18220 MEDIUM

The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.26
CVE-2017-18229 MEDIUM

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-18230 MEDIUM

An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-18231 MEDIUM

An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick 1.3.26
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-6335 MEDIUM

The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
CVE-2017-9098 MEDIUM

ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-908,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
imagemagick imagemagick *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2018-18544 MEDIUM

There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-772,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
imagemagick imagemagick 7.0.8-13
opensuse leap 15.0
CVE-2018-20184 MEDIUM

In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.4
debian debian_linux 8.0
CVE-2018-20185 LOW

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
debian debian_linux 9.0
debian debian_linux 10.0
graphicsmagick graphicsmagick 1.4
debian debian_linux 8.0
CVE-2018-20189 MEDIUM

In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.31
debian debian_linux 8.0
CVE-2018-5360 MEDIUM

LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.27
libtiff libtiff *
CVE-2018-5685 MEDIUM

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.27
debian debian_linux 7.0
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2018-6799 MEDIUM

The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 7.0
graphicsmagick graphicsmagick *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2018-9018 MEDIUM

In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-369,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.28
debian debian_linux 7.0
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2019-11005 HIGH

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
opensuse leap 42.3
graphicsmagick graphicsmagick *
opensuse leap 15.0
CVE-2019-11006 MEDIUM

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 42.3
graphicsmagick graphicsmagick *
debian debian_linux 8.0
opensuse leap 15.0
CVE-2019-11007 MEDIUM

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
opensuse leap 42.3
graphicsmagick graphicsmagick *
debian debian_linux 9.0
debian debian_linux 10.0
debian debian_linux 8.0
opensuse leap 15.0
opensuse backports_sle 15.0
CVE-2019-11008 MEDIUM

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
opensuse leap 42.3
graphicsmagick graphicsmagick *
debian debian_linux 9.0
debian debian_linux 10.0
debian debian_linux 8.0
opensuse leap 15.0
opensuse backports_sle 15.0
CVE-2019-11009 MEDIUM

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 42.3
graphicsmagick graphicsmagick *
debian debian_linux 8.0
opensuse leap 15.0
CVE-2019-11010 MEDIUM

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
opensuse leap 42.3
graphicsmagick graphicsmagick *
debian debian_linux 8.0
opensuse leap 15.0
CVE-2019-11473 MEDIUM

coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.31
CVE-2019-11474 MEDIUM

coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-682,CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
opensuse leap 42.3
fedoraproject fedora 30
graphicsmagick graphicsmagick 1.3.31
debian debian_linux 9.0
debian debian_linux 10.0
debian debian_linux 8.0
fedoraproject fedora 29
opensuse leap 15.0
opensuse backports_sle 15.0
CVE-2019-11505 MEDIUM

In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
opensuse leap 15.1
opensuse leap 42.3
graphicsmagick graphicsmagick *
debian debian_linux 9.0
debian debian_linux 10.0
debian debian_linux 8.0
opensuse leap 15.0
opensuse backports_sle 15.0
CVE-2019-11506 MEDIUM

In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.3.30
canonical ubuntu_linux 18.04
opensuse leap 15.1
opensuse leap 42.3
graphicsmagick graphicsmagick 1.3.31
debian debian_linux 9.0
debian debian_linux 10.0
debian debian_linux 8.0
opensuse leap 15.0
opensuse backports_sle 15.0
CVE-2019-12921 MEDIUM

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,

Products Affected

Vendor Product Version
opensuse leap 15.1
graphicsmagick graphicsmagick *
debian debian_linux 9.0
debian debian_linux 10.0
debian debian_linux 8.0
opensuse backports_sle 15.0
CVE-2019-19950 HIGH

In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse backports sle-15
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
graphicsmagick graphicsmagick 1.4
debian debian_linux 8.0
CVE-2019-19951 HIGH

In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
opensuse backports sle-15
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
graphicsmagick graphicsmagick 1.4
debian debian_linux 8.0
CVE-2019-19953 MEDIUM

In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse backports sle-15
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
graphicsmagick graphicsmagick 1.4
debian debian_linux 8.0
CVE-2019-7397 MEDIUM

In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
graphicsmagick graphicsmagick *
canonical ubuntu_linux 16.04
imagemagick imagemagick *
debian debian_linux 10.0
canonical ubuntu_linux 18.10
opensuse leap 15.0
canonical ubuntu_linux 19.04
CVE-2020-10938 HIGH

GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-787,

Products Affected

Vendor Product Version
opensuse backports sle-15
opensuse leap 15.1
graphicsmagick graphicsmagick *
debian debian_linux 9.0
debian debian_linux 10.0
debian debian_linux 8.0
CVE-2020-12672 MEDIUM

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
opensuse leap 15.1
graphicsmagick graphicsmagick *
debian debian_linux 8.0
opensuse backports_sle 15.0
CVE-2020-21679

Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.4
CVE-2022-1270

In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 11.0
graphicsmagick graphicsmagick 1.4.020220326
CVE-2025-27795

ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L 2.5 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
CVE-2025-27796

ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 4.5 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L 1.4 2.7

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *
CVE-2025-32460

GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick *