Lucene search

CVE-2020-27754

🗓️ 08 Dec 2020 22:18:15Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 150 Views

CVE-2020-27754 - IntensityCompare() in /magick/quantize.c, allows overflowed values

Reporter	Title	Published	Views	Family All 49
Prion	Design/Logic Flaw	8 Dec 202022:15	–	prion
Cvelist	CVE-2020-27754	8 Dec 202000:00	–	cvelist
Veracode	Value Overflow	6 Dec 202004:00	–	veracode
NVD	CVE-2020-27754	8 Dec 202022:15	–	nvd
CNVD	ImageMagick Input Validation Error Vulnerability (CNVD-2021-11327)	23 Dec 202000:00	–	cnvd
Debian CVE	CVE-2020-27754	8 Dec 202022:15	–	debiancve
RedhatCVE	CVE-2020-27754	24 Nov 202019:24	–	redhatcve
OSV	CVE-2020-27754	8 Dec 202022:15	–	osv
OSV	imagemagick - security update	22 Mar 202100:00	–	osv
OSV	imagemagick vulnerabilities	15 Jun 202111:11	–	osv

Nvd

Vulners

Node

imagemagick imagemagickRange<6.9.10-69

imagemagick imagemagickRange7.0.8–7.0.8-69

Node

debian debian_linuxMatch9.0

[
  {
    "vendor": "n/a",
    "product": "ImageMagick",
    "versions": [
      {
        "version": "prior to 6.9.10-69",
        "status": "affected"
      },
      {
        "version": "prior to 7.0.8-69",
        "status": "affected"
      }
    ]
  }
]

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2023/03/msg00008.html
lists	www.lists.debian.org/debian-lts-announce/2021/03/msg00030.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Dec 2020 22:15Current

4.8Medium risk

Vulners AI Score4.8

CVSS24.3

CVSS33.3

EPSS0.00059

CWE-190