Published: 29/04/2022 Updated: 11/05/2022

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick

Debian Bug report logs - #1013282 imagemagick: CVE-2022-28463 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20245 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-4219 CVE-2022-1114 CVE-2022-1115 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@lists ...

Several security issues were fixed in ImageMagick ...

CWE-416 https://bugzilla.redhat.com/show_bug.cgi?id=2064538 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282 https://ubuntu.com/security/notices/USN-5736-1 https://nvd.nist.gov

CVE-2022-1114

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect