Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.20 views

Ubuntu 20.04 LTS / 22.04 LTS : ImageProcessing vulnerability (USN-6675-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6675-1 advisory. It was discovered that ImageProcessing incorrectly handled series of operations that are coming from unsanitised inputs. If a user or an automated...

10CVSS8.7AI score0.02595EPSS
Exploits1References2
Debian
Debian
added 2022/12/31 9:42 a.m.98 views

[SECURITY] [DSA 5310-1] ruby-image-processing security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5310-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 31, 2022 https://www.debian.org/security/faq -...

10CVSS9.5AI score0.02595EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/12/31 12:0 a.m.49 views

Debian DSA-5310-1 : ruby-image-processing - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5310 advisory. It was discovered that ruby-image-processing, a ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when...

10CVSS8.3AI score0.02595EPSS
Exploits1References6
NVD
NVD
added 2022/03/01 11:15 p.m.47 views

CVE-2022-24720

imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...

10CVSS0.02595EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/03/01 12:0 a.m.7 views

CVE-2022-24720 Improper Input Validation in image_processing

imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...

9.8CVSS9.5AI score0.02595EPSS
Exploits1References3
CVE
CVE
added 2022/03/01 12:0 a.m.139 views

CVE-2022-24720

CVE-2022-24720 affects the image_processing Ruby gem (wrapper for libvips/ImageMagick/GraphicsMagick). A bug in the #apply method allows executing shell commands when operation sequences come from unsanitized user input. This chain affects Active Storage variants that rely on image_processing. Th...

10CVSS9.4AI score0.02595EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/03/01 12:0 a.m.56 views

CVE-2022-24720 Improper Input Validation in image_processing

imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...

9.8CVSS9.7AI score0.02595EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/03/01 12:0 a.m.43 views

CVE-2022-24720

imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...

10CVSS9.5AI score0.02595EPSS
Exploits1
Rows per page
Query Builder