ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:LImagemagick
APPImagemagick< 6.9.13-277.0.0-0 – 7.1.2-1 (bez)
Powiązane podatności
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that a...
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in Op...
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi...
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, re...
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/pn...