113 matches found
Amazon Linux AMI : php70-pecl-imagick (ALAS-2023-1813)
The version of php70-pecl-imagick installed on the remote host is prior to 3.4.4-1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1813 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c...
Amazon Linux AMI : php55-pecl-imagick (ALAS-2023-1812)
The version of php55-pecl-imagick installed on the remote host is prior to 3.4.4-2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1812 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....
Amazon Linux AMI : php71-pecl-imagick (ALAS-2023-1814)
The version of php71-pecl-imagick installed on the remote host is prior to 3.4.4-2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1814 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c...
Amazon Linux AMI : php72-pecl-imagick (ALAS-2023-1815)
The version of php72-pecl-imagick installed on the remote host is prior to 3.4.4-2.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1815 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....
Amazon Linux AMI : php56-pecl-imagick (ALAS-2023-1811)
The version of php56-pecl-imagick installed on the remote host is prior to 3.4.4-2.16. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1811 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....
Amazon Linux AMI : php54-pecl-imagick (ALAS-2023-1810)
The version of php54-pecl-imagick installed on the remote host is prior to 3.4.4-2.11. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1810 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....
SUSE CVE-2019-11037
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...
PT-2023-36335 · Unknown · Phpmyadmin
Name of the Vulnerable Software and Affected Versions: phpMyAdmin affected versions not specified Description: The issue concerns a security fix for an XSS vulnerability in the drag-and-drop upload functionality. Additional bugfixes include resolving errors when configuring 2FA without XMLWriter ...
Ubuntu: Security Advisory (USN-4586-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2021-0156)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2021-0013)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for php-pecl-imagick (FEDORA-2021-b58af96f33)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for php-pecl-imagick (FEDORA-2021-df1fa3d3e0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nextcloud: HEIC image preview can be used to invoke Imagick
The HEIC image preview provider calls into Imagick at https://github.com/nextcloud/server/blob/5d097ddb4b99673f57b8c085dedd93880ee2539d/lib/private/Preview/HEIC.phpL98-L109. This is bad as Imagick processes all kind of image types. One can use this for example to exfiltrate arbitrary files by...
USN-4586-1 php-imagick vulnerability
It was discovered that PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick to crash, resulting in a denial of service...
Arbitrary Code Execution
php-imagick is vulnerable to arbitrary code execution. Lack of boundary checks when writing to an array of values in ImagickKernel::fromMatrix can potentially lead to out of bounds write to memory if the function is called with the data controlled by untrusted party...
The vulnerability of the ImagickKernel::fromMatrix() function in the php-imagick extension for PHP allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the ImagickKernel::fromMatrix function in the php-imagick extension for PHP is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability may allow a remote attacker to cause a service failure or execute arbitrary code...
GLSA-202003-38 : PECL Imagick: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-202003-38 PECL Imagick: Arbitrary code execution An out-of-bounds write vulnerability was discovered in the Imagick PHP extension. Impact : A remote attacker, able to upload specially crafted images which will get processed by...
PECL Imagick: Arbitrary code execution
Background Imagick is a PHP extension to create and modify images using the ImageMagick library. Description An out-of-bounds write vulnerability was discovered in the Imagick PHP extension. Impact A remote attacker, able to upload specially crafted images which will get processed by Imagick, cou...
openSUSE Security Update : php7-imagick (openSUSE-2020-14)
This update for php7-imagick fixes the following issues : Upgrade to version 3.4.4 : Added : - function Imagick::optimizeImageTransparency - METRICSTRUCTURALSIMILARITYERROR - METRICSTRUCTURALDISSIMILARITYERROR - COMPRESSIONZSTD - https://github.com/facebook/zstd - COMPRESSIONWEBP -...