7.5
CVSSv3

CVE-2021-20309

Published: 11/05/2021 Updated: 22/05/2023
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

A flaw was found in ImageMagick in versions prior to 7.0.11 and prior to 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick

debian debian linux 9.0

Vendor Advisories

Debian Bug report logs - #1013282 imagemagick: CVE-2022-28463 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20245 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-4219 CVE-2022-1114 CVE-2022-1115 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@lists ...
Several security issues were fixed in ImageMagick ...
A divide-by-zero flaw was found in ImageMagick in gemc This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero The highest threat from this vulnerability is to system availability (CVE-2021-20176) A flaw was found in ImageMagick in coders/jp2c An attacke ...
A divide-by-zero flaw was found in ImageMagick in gemc This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero The highest threat from this vulnerability is to system availability (CVE-2021-20176) A flaw was found in ImageMagick in coders/jp2c An attacke ...