Lucene search

Veracode Vulnerability DatabaseVERACODE:21565

HistorySep 24, 2019 - 9:36 a.m.

Denial Of Service (DoS)

2019-09-2409:36:17

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

49.9%

ImageMagick is vulnerable to denial of service (DoS). The attack is due to memory leaks in the magick/xwindow/XCreateImage function.

CPENameOperatorVersion
imagemagickle6.8.8-9
imagemagick:bullseyeeq8:6.9.11.24+dfsg-1+b2
imagemagick:sideq8:6.9.11.24+dfsg-1+b2

Name	Operator	Version
imagemagick	le	6.8.8-9
imagemagick:bullseye	eq	8:6.9.11.24+dfsg-1+b2
imagemagick:sid	eq	8:6.9.11.24+dfsg-1+b2

References

lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html

lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html

github.com/ImageMagick/ImageMagick/issues/1531

usn.ubuntu.com/4192-1/

www.debian.org/security/2020/dsa-4712

0.001 Low

EPSS

Percentile

49.9%

Related for VERACODE:21565