7 matches found
EUVD-2022-2250
Malicious code in bioql PyPI...
CVE-2022-24720
imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...
CVE-2022-24720 Improper Input Validation in image_processing
imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...
CVE-2019-11832
TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick...
CVE-2017-15277
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data...
CVE-2008-1096
The loadtile function in the XCF coder in coders/xcf.c in 1 ImageMagick 6.2.8-0 and 2 GraphicsMagick aka gm 1.1.7 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly...
CVE-2005-1739
The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service infinite loop via an image with a zero color mask...