21 matches found
MiracleLinux 7 : ImageMagick-6.9.10.68-5.el7 (AXSA:2021-1086:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1086:01 advisory. ImageMagick: Shell injection via PDF password could result in arbitrary code execution CVE-2020-29599 Tenable has extracted the preceding description block...
Ubuntu 20.04 LTS / 22.04 LTS : ImageMagick vulnerabilities (USN-6200-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6200-2 advisory. USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This...
USN-6200-2: ImageMagick vulnerabilities
USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...
USN-6200-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. CVE-2020-29599 It was...
K87235248: ImageMagick vulnerability CVE-2020-29599
Security Advisory Description ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject...
NewStart CGSL CORE 5.04 / MAIN 5.04 : ImageMagick Vulnerability (NS-SA-2021-0100)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ImageMagick packages installed that are affected by a vulnerability: - ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF...
NewStart CGSL CORE 5.05 / MAIN 5.05 : ImageMagick Vulnerability (NS-SA-2021-0186)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ImageMagick packages installed that are affected by a vulnerability: - ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF...
ImageMagick Command Injection (CVE-2020-29599)
A command injection vulnerability exists in ImageMagick. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Fix of Add fix for CVE-2020-29599
Add fix for CVE-2020-29599...
EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2021-1682)
According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for...
CentOS: Security Advisory for ImageMagick (CESA-2021:0024)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
ImageMagick security update
CentOS Errata and Security Advisory CESA-2021:0024 An update for ImageMagick is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: ImageMagick
Issue Overview: A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF file to possibly inject additional shell commands via coders/pdf.c. The highest threat from this vulnerability is to data confidentiality and integrity as well a...
Amazon Linux 2 : ImageMagick (ALAS-2021-1596)
The version of ImageMagick installed on the remote host is prior to 6.9.10.68-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1596 advisory. A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF fil...
Amazon Linux AMI : ImageMagick (ALAS-2021-1479)
The version of ImageMagick installed on the remote host is prior to 6.9.10.68-3.23. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1479 advisory. A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF...
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2021-1074)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : ImageMagick (RHSA-2021:0024)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0024 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixes:...
Important: Red Hat Security Advisory: ImageMagick security update
An update for ImageMagick is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Scientific Linux Security Update : ImageMagick on SL7.x i686/x86_64 (2021:0024)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:0024-1 advisory. - ImageMagick: Shell injection via PDF password could result in arbitrary code execution CVE-2020-29599 Note that Nessus has not tested for this issue but...
ImageMagick6 -- multiple vulnerabilities
CVE reports: Several vulnerabilities have been discovered in ImageMagick: CVE-2021-20309: A flaw was found in ImageMagick in versions before 6.9.12, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an...