Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-2333-1:FD35B
HistoryAug 18, 2020 - 11:31 p.m.

[SECURITY] [DLA 2333-1] imagemagick security update

2020-08-1823:31:06
lists.debian.org
29

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

55.8%

JSON

Debian LTS Advisory DLA-2333-1 [email protected]
https://www.debian.org/lts/security/ Markus Koschany
August 18, 2020 https://wiki.debian.org/LTS

Package : imagemagick
Version : 8:6.9.7.4+dfsg-11+deb9u9
CVE ID : CVE-2017-12805 CVE-2017-17681 CVE-2017-18252
CVE-2018-7443 CVE-2018-8804 CVE-2018-8960
CVE-2018-9133 CVE-2018-10177 CVE-2018-14551
CVE-2018-18024 CVE-2018-20467 CVE-2019-10131
CVE-2019-11472 CVE-2019-11597 CVE-2019-12974
CVE-2019-12977 CVE-2019-12978 CVE-2019-12979
CVE-2019-13295 CVE-2019-13297 CVE-2019-11470
CVE-2019-13454 CVE-2019-14981 CVE-2019-19949
Debian Bug : 885941 891291 894848 896018 904713 917326 928207 931196
931191 931190 931189 931457 927830 931740 955025
947309

Several security vulnerabilities were fixed in Imagemagick. Various
memory handling problems and cases of missing or incomplete input
sanitizing may result in denial of service, memory or CPU exhaustion,
information disclosure or potentially the execution of arbitrary code
when a malformed image file is processed.

For Debian 9 stretch, these problems have been fixed in version
8:6.9.7.4+dfsg-11+deb9u9.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian9amd64imagemagick-6.q16< 8:6.9.7.4+dfsg-11+deb9u9imagemagick-6.q16_8:6.9.7.4+dfsg-11+deb9u9_amd64.deb
Debian9allimagemagick-6-doc< 8:6.9.7.4+dfsg-11+deb9u9imagemagick-6-doc_8:6.9.7.4+dfsg-11+deb9u9_all.deb
Debian9amd64libmagickcore-6.q16-dev< 8:6.9.7.4+dfsg-11+deb9u9libmagickcore-6.q16-dev_8:6.9.7.4+dfsg-11+deb9u9_amd64.deb
Debian9arm64libmagickwand-6.q16hdri-dev< 8:6.9.7.4+dfsg-11+deb9u9libmagickwand-6.q16hdri-dev_8:6.9.7.4+dfsg-11+deb9u9_arm64.deb
Debian9alllibmagickwand-6-headers< 8:6.9.7.4+dfsg-11+deb9u9libmagickwand-6-headers_8:6.9.7.4+dfsg-11+deb9u9_all.deb
Debian9arm64libmagickcore-6.q16hdri-3< 8:6.9.7.4+dfsg-11+deb9u9libmagickcore-6.q16hdri-3_8:6.9.7.4+dfsg-11+deb9u9_arm64.deb
Debian9armellibmagick++-6.q16hdri-dev< 8:6.9.7.4+dfsg-11+deb9u9libmagick++-6.q16hdri-dev_8:6.9.7.4+dfsg-11+deb9u9_armel.deb
Debian9armhflibimage-magick-q16hdri-perl< 8:6.9.7.4+dfsg-11+deb9u9libimage-magick-q16hdri-perl_8:6.9.7.4+dfsg-11+deb9u9_armhf.deb
Debian9armhflibmagick++-6.q16-7< 8:6.9.7.4+dfsg-11+deb9u9libmagick++-6.q16-7_8:6.9.7.4+dfsg-11+deb9u9_armhf.deb
Debian9arm64libmagickcore-6.q16-3< 8:6.9.7.4+dfsg-11+deb9u9libmagickcore-6.q16-3_8:6.9.7.4+dfsg-11+deb9u9_arm64.deb
Rows per page:
1-10 of 1131

Related

nessus 37
osv 15
openvas 30
suse 4
debian 4
prion 16
veracode 14
debiancve 16
cve 13
redhatcve 14
ubuntucve 16
ubuntu 1
alpinelinux 7
cloudfoundry 1
amazon 8
oraclelinux 1
centos 1
redhat 1
nessus
nessus
Debian DLA-2333-1 : imagemagick security update
2020-08-19 00:00:00
ImageMagick < 7.0.8-35 Multiple vulnerabilities
2019-07-12 00:00:00
openSUSE Security Update : ImageMagick (openSUSE-2019-1683)
2019-07-02 00:00:00
osv
osv
imagemagick - security update
2020-08-18 00:00:00
imagemagick - security update
2019-08-16 00:00:00
imagemagick - security update
2019-10-21 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2333-1)
2020-08-20 00:00:00
ImageMagick <= 7.0.8-34 Multiple Vulnerabilities - Windows
2019-07-01 00:00:00
ImageMagick <= 7.0.8-34 Multiple Vulnerabilities - Mac OS X
2019-07-01 00:00:00
suse
suse
Security update for ImageMagick (moderate)
2019-07-01 00:00:00
Security update for GraphicsMagick (moderate)
2018-10-17 21:24:40
Security update for ImageMagick (moderate)
2019-06-24 00:00:00
debian
debian
[SECURITY] [DSA 4712-1] imagemagick security update
2020-06-30 20:31:53
[SECURITY] [DLA 1888-1] imagemagick security update
2019-08-16 14:14:20
[SECURITY] [DLA 1968-1] imagemagick security update
2019-10-21 09:04:57
prion
prion
Code injection
2017-12-14 06:29:00
Memory corruption
2018-07-23 08:29:00
Code injection
2018-03-30 08:29:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 03:29:21
Arbitrary Code Execution
2020-12-06 03:46:35
Denial Of Service (DoS)
2019-06-27 08:23:57
debiancve
debiancve
CVE-2017-17681
2017-12-14 06:29:00
CVE-2018-14551
2018-07-23 08:29:00
CVE-2019-12977
2019-06-26 18:15:00
cve
cve
CVE-2017-17681
2017-12-14 06:29:00
CVE-2018-14551
2018-07-23 08:29:00
CVE-2018-18024
2018-10-07 18:29:00
redhatcve
redhatcve
CVE-2018-14551
2018-08-01 04:48:46
CVE-2017-17681
2017-12-14 18:38:56
CVE-2018-18024
2018-10-08 21:19:55
ubuntucve
ubuntucve
CVE-2017-17681
2017-12-14 00:00:00
CVE-2018-14551
2018-07-23 00:00:00
CVE-2018-7443
2018-02-23 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2019-11-14 00:00:00
alpinelinux
alpinelinux
CVE-2018-14551
2018-07-23 08:29:00
CVE-2018-18024
2018-10-07 18:29:00
CVE-2018-8960
2018-03-23 21:29:00
cloudfoundry
cloudfoundry
USN-4192-1: ImageMagick vulnerabilities | Cloud Foundry
2019-11-18 00:00:00
amazon
amazon
Medium: php56-pecl-imagick
2023-08-21 12:14:00
Medium: php54-pecl-imagick
2023-08-21 12:14:00
Medium: php71-pecl-imagick
2023-08-21 12:14:00
oraclelinux
oraclelinux
ImageMagick security, bug fix, and enhancement update
2020-04-06 00:00:00
centos
centos
ImageMagick, autotrace, emacs, inkscape security update
2020-04-08 17:42:49
redhat
redhat
(RHSA-2020:1180) Moderate: ImageMagick security, bug fix, and enhancement update
2020-03-31 09:28:57

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

55.8%

JSON
Related for DEBIAN:DLA-2333-1:FD35B
nessus37osv15openvas30suse4debian4prion16veracode14debiancve16cve13redhatcve14ubuntucve16ubuntu1alpinelinux7cloudfoundry1amazon8oraclelinux1centos1redhat1