CVE-2019-10131

🗓️ 30 Apr 2019 17:14:53Reported by redhat.comType

An off-by-one read vulnerability in ImageMagick's formatIPTCfromBuffer function allows local attackers to read beyond the buffer or crash the program

Reporter	Title	Published	Views	Family All 138
FreeBSD	ImageMagick -- multiple vulnerabilities	7 Mar 201900:00	–	freebsd
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	13 Aug 202122:15	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript.	21 Feb 202204:39	–	ibm
Tenable Nessus	Amazon Linux 2 : ImageMagick (ALAS-2020-1497)	28 Oct 202000:00	–	nessus
Tenable Nessus	Amazon Linux 2 : ImageMagick (ALAS-2024-2432)	23 Jan 202400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php-pecl-imagick (ALAS-2020-1391)	20 Jul 202000:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php54-pecl-imagick (ALAS-2023-1810)	23 Aug 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php56-pecl-imagick (ALAS-2023-1811)	23 Aug 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php55-pecl-imagick (ALAS-2023-1812)	23 Aug 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php70-pecl-imagick (ALAS-2023-1813)	23 Aug 202300:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-10131
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

24 Jan 2024 20:38Current

1.8Low risk

Vulners AI Score1.8

CVSS 23.6

CVSS 3.17.1

CVSS 36.5

EPSS0.00134