The vulnerability of the “identify -help” command in the console-based image editing tool ImageMagick arises from improper memory release before deleting the last link. This allows a malicious actor to compromise data integrity and cause service failures.

The vulnerability of the “identify -help” command in the console-based image editing tool ImageMagick is related to improper memory release before deleting the last link. Exploiting this vulnerability can allow an attacker to compromise data integrity and cause service failures...

CLSA-2023-1696351966 Fix CVE(s): CVE-2022-48541

SECURITY UPDATE: a memory leak that allows remote attackers to perform a denial of service via the "identify -help" command - debian/patches/CVE-2022-48541.patch: added missing calls to destroy methods - CVE-2022-48541...

CLSA-2023-1696351712 Fix CVE(s): CVE-2022-48541

SECURITY UPDATE: a memory leak that allows remote attackers to perform a denial of service via the "identify -help" command - debian/patches/CVE-2022-48541.patch: added missing calls to destroy methods - CVE-2022-48541...

Denial Of Service (DoS)

imagemagick is vulnerable to Denial of Service DoS attacks. The vulnerability exists due to a flaw in the way the identify command handles certain image files. A remote attacker can exploit this vulnerability to cause the ImageMagick process to leak memory, which could eventually lead to a denial...

UBUNTU-CVE-2022-48541

A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command...

CVE-2022-48541

A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command...

PT-2020-6973 · Unknown +3 · Imagemagick +3

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 6.9.11-22 through 7.0.10-45 Description: A memory leak in the identify -help command allows remote attackers to perform a denial of service. The issue is related to incorrect memory deallocation before removing the last...

CVE-2017-16352

CVE-2017-16352 affects GraphicsMagick 1.3.26 and is a heap-based buffer overflow in the Display visual image directory feature of DescribeImage() (magick/describe.c). Trigger: running identify on a specially crafted MIFF file with the verbose flag. Impact details in the vulnerability describe onl...

CVE-2017-16352

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted...