8 matches found
Ubuntu 20.04 LTS / 22.04 LTS : ImageProcessing vulnerability (USN-6675-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6675-1 advisory. It was discovered that ImageProcessing incorrectly handled series of operations that are coming from unsanitised inputs. If a user or an automated...
[SECURITY] [DSA 5310-1] ruby-image-processing security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5310-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 31, 2022 https://www.debian.org/security/faq -...
Debian DSA-5310-1 : ruby-image-processing - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5310 advisory. It was discovered that ruby-image-processing, a ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when...
CVE-2022-24720
imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...
CVE-2022-24720 Improper Input Validation in image_processing
imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...
CVE-2022-24720 Improper Input Validation in image_processing
imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...
CVE-2022-24720
imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...
CVE-2022-24720
CVE-2022-24720 affects the image_processing Ruby gem (wrapper for libvips/ImageMagick/GraphicsMagick). A bug in the #apply method allows executing shell commands when operation sequences come from unsanitized user input. This chain affects Active Storage variants that rely on image_processing. Th...