php-imagick is vulnerable to arbitrary code execution. Lack of boundary checks when writing to an array of values in ImagickKernel::fromMatrix()
can potentially lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
lists.opensuse.org/opensuse-security-announce/2020-01/msg00016.html
www.securityfocus.com/bid/108292
bugs.php.net/bug.php?id=77791
github.com/CVEProject/cvelist/pull/1964
lists.fedoraproject.org/archives/list/[email protected]/message/7MQ7WJA25YF2R2LRALK4QEYWUHHJPSUD/
lists.fedoraproject.org/archives/list/[email protected]/message/BU66V7QJKD32RXLY5J7Z5NZH4V3VV524/
lists.fedoraproject.org/archives/list/[email protected]/message/FME5ZG7DDYWUPPHTTAFJB5OFFCPXYHPS/
seclists.org/bugtraq/2019/Nov/39
security.gentoo.org/glsa/202003-38
usn.ubuntu.com/4586-1/
www.debian.org/security/2019/dsa-4576