ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met. This issue has been patched in versions 6.9.13-48 and 7.1.2-23.
oryginał ENCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:NImagemagick
APPImagemagick< 6.9.13-487.0.0-0 – 7.1.2-23 (bez)
Powiązane podatności
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that a...
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in Op...
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi...
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, re...
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/pn...