6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.012 Low
EPSS
Percentile
85.0%
A vulnerability in the ImageMagick graphical editor is related to errors in input data processing.
Exploitation of the vulnerability may allow a remote intruder to gain access to protected information using the profile parameter.
information using the profile parameter
Vulnerability of ImageMagick graphic editor is related to incorrect management of internal resources
when performing operations on created PNG images. Exploitation of the vulnerability could allow
an attacker acting remotely to pass a specially crafted PNG image to an application and cause the application to wait indefinitely for input of a standardized PNG image.
The application to wait indefinitely for standard input, consuming system resources
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | imagemagick | <= 6.9.11.27-5 | UNKNOWN |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.012 Low
EPSS
Percentile
85.0%