In GraphicsMagick prior to 1.3.32, the text filename component allows remote malicious users to read arbitrary files via a crafted image because of TranslateTextEx for SVG.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
graphicsmagick graphicsmagick |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
opensuse backports sle 15.0 |
||
opensuse leap 15.1 |