Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-45463
load_cache in GEGL prior to 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases prior to ...
Gegl Gegl
Gimp Gimp
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.8
CVSSv3
CVE-2021-3962
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an malicious user to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The hig...
Imagemagick Imagemagick 7.1.0-14
3.6
CVSSv3
CVE-2021-39212
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when spec...
Imagemagick Imagemagick
NA
CVE-2021-34183
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
9.8
CVSSv3
CVE-2021-33564
An argument injection vulnerability in the Dragonfly gem prior to 1.4.0 for Ruby allows remote malicious users to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate a...
Dragonfly Project Dragonfly
2 Github repositories
3.3
CVSSv3
CVE-2020-27769
In ImageMagick versions prior to 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
Imagemagick Imagemagick
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 5.0
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2021-20310
A flaw was found in ImageMagick in versions prior to 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The hi...
7.5
CVSSv3
CVE-2021-20311
A flaw was found in ImageMagick in versions prior to 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The...
7.5
CVSSv3
CVE-2021-20313
A flaw was found in ImageMagick in versions prior to 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.
Imagemagick Imagemagick
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2021-20309
A flaw was found in ImageMagick in versions prior to 7.0.11 and prior to 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from t...
Imagemagick Imagemagick
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »