Lucene search

K

Veracode Vulnerability DatabaseVERACODE:25027

HistoryApr 11, 2020 - 1:40 a.m.

Denial Of Service (DoS)

2020-04-1101:40:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

0.005 Low

EPSS

Percentile

76.3%

ImageMagick is vulnerable to denial of service (DoS). The vulnerability exists due to several memory leaks exist in WritePDFImage in coders/pdf.c.

CPENameOperatorVersion
imagemagickeq6.7.8.9__18.el7
imagemagickeq6.7.8.9__16.el7_6
imagemagickeq6.7.8.9__15.el7_2
inkscapeeq0.92.2__2.el7
autotraceeq0.31.1__37.el7
emacseq24.3__20.el7_4
emacseq24.3__22.el7
imagemagick:bullseyeeq8:6.9.11.24+dfsg-1+b2
imagemagick:sideq8:6.9.11.24+dfsg-1+b2

References

hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1

lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html

lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html

www.securityfocus.com/bid/106847

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index

access.redhat.com/errata/RHSA-2020:1180

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=1743658

bugzilla.redhat.com/show_bug.cgi?id=1764595

bugzilla.redhat.com/show_bug.cgi?id=1765205

bugzilla.redhat.com/show_bug.cgi?id=1765208

bugzilla.redhat.com/show_bug.cgi?id=1765211

github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82

github.com/ImageMagick/ImageMagick/issues/1454

usn.ubuntu.com/4034-1/

www.debian.org/security/2020/dsa-4712

0.005 Low

EPSS

Percentile

76.3%

Related for VERACODE:25027

openvas17 mageia1 prion1 osv2 suse5 nessus38 debiancve1 nvd1 cvelist1 redhatcve1 alpinelinux1 ubuntucve1 cve1 freebsd1 cloudfoundry1 ubuntu1 debian1 amazon10 oraclelinux1 centos1 redhat1 ibm1