USN-6200-2: ImageMagick vulnerabilities

USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...

[SECURITY] [DLA 3737-1] imagemagick security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3737-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès February 22, 2024 https://wiki.debian.org/LTS -...

SUSE: Security Advisory (SUSE-SU-2023:4634-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6200-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. CVE-2020-29599 It was...

Amazon Linux AMI : ImageMagick (ALAS-2023-1745)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.25. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1745 advisory. A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation...

Medium: ImageMagick

Issue Overview: A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulti...

Mageia: Security Advisory (MGASA-2023-0136)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated imgagmagick packages fix security vulnerability

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial o...

SUSE SLES15 / openSUSE 15 Security Update : ImageMagick (SUSE-SU-2023:1756-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1756-1 advisory. - A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw...

SUSE-SU-2023:1756-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG. bsc1209141...

SUSE: Security Advisory (SUSE-SU-2023:1734-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:1734-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG. bsc1209141...

SUSE-SU-2023:1733-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG. bsc1209141...

CVE-2023-1289

CVE-2023-1289 affects ImageMagick: a specially crafted SVG can trigger self-loading and a segmentation fault, enabling a denial-of-service via massive /tmp trash files. Impact: remote but requires a crafted SVG; local/remote access specifics are not detailed beyond the described attack. In practi...

SUSE CVE-2023-1289

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial o...