Lucene search

25 matches found

AstraLinux
added 2026/05/03 11:59 p.m. · 3 views

Astra Linux - vulnerability in imagemagick

In ImageMagick versions before 7.0.9-0, there are values that are outside the representable range for the 'float' type, located in MagickCore/quantize.c...

4.3 CVSS · 6.8 AI score · 0.00086 EPSS
Exploits 0 · References 2
OSV
added 2024/11/11 4:13 p.m. · 1 view

CLSA-2024-1731341580 Fix CVE(s): CVE-2002-27759, CVE-2020-27754, CVE-2020-27759

SECURITY UPDATE: Potential overflow in IntensityCompare function in quantize.c
- debian/patches/CVE-2020-27754.patch: fix pixel intensity comparison in quantize.c to avoid integer overflow
- debian/patches/CVE-2020-27759.patch: fix IntensityCompare function to correctly calculate intensity...

4.3 CVSS · 6.8 AI score · 0.0009 EPSS
Exploits 1 · References 1
SUSE CVE
added 2023/02/15 4:27 a.m. · 0 views

SUSE CVE-2018-11625

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file...

3.3 CVSS · 6.9 AI score · 0.00348 EPSS
Exploits 1 · References 5
OSV
added 2021/05/14 8:15 p.m. · 16 views

CVE-2020-27769

In ImageMagick versions before 7.0.9-0, there are values outside the range of representable values of type 'float' at MagickCore/quantize.c...

3.3 CVSS · 6.5 AI score
Exploits 0 · References 2
Prion
added 2021/05/14 8:15 p.m. · 14 views

Design/Logic Flaw

In ImageMagick versions before 7.0.9-0, there are values outside the range of representable values of type 'float' at MagickCore/quantize.c...

4.3 CVSS · 3.9 AI score · 0.00086 EPSS
Exploits 0 · References 2 · Affected Software 3
OSV
added 2021/05/14 8:15 p.m. · 0 views

UBUNTU-CVE-2020-27769

In ImageMagick versions before 7.0.9-0, there are values outside the range of representable values of type 'float' at MagickCore/quantize.c...

3.3 CVSS · 6.7 AI score · 0.00086 EPSS
Exploits 0 · References 5
CNNVD
added 2021/01/18 12:00 a.m. · 1 view

Imagemagick Studio ImageMagick input validation error vulnerability

ImageMagick is a suite of open source image processing software. The software can read, convert or write images in a variety of formats. A code issue vulnerability exists in versions of ImageMagick prior to 7.0.9-0, which stems from an out-of-range representable value range for the unsigned float...

4.3 CVSS · 6.8 AI score · 0.00086 EPSS
Exploits 0 · References 9
NVD
added 2020/12/08 10:15 p.m. · 13 views

CVE-2020-27754

In IntensityCompare of /magick/quantize.c, there are calls to PixelPacketIntensity which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity function, which forces the pixel...

4.3 CVSS · 4.2 AI score · 0.0009 EPSS
Exploits 1 · References 3
CVE
added 2020/12/08 12:00 a.m. · 164 views

CVE-2020-27754

ImageMagick vulnerability CVE-2020-27754 stems from overflow-prone calls to PixelPacketIntensity() in IntensityCompare() within magick/quantize.c. A crafted input could return overflowed pixel intensities to callers; the patch fixes this by introducing ConstrainPixelIntensity() to clamp values wi...

4.3 CVSS · 4.8 AI score · 0.0009 EPSS
Exploits 1 · References 3 · Affected Software 1
Prion
added 2020/12/03 5:15 p.m. · 15 views

Design/Logic Flaw

In IntensityCompare of /MagickCore/quantize.c, a double value was being cast to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat...

4.3 CVSS · 3.5 AI score · 0.00086 EPSS
Exploits 0 · References 3 · Affected Software 2
Cvelist
added 2020/12/03 12:00 a.m. · 20 views

CVE-2020-27759

In IntensityCompare of /MagickCore/quantize.c, a double value was being cast to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat...

5 AI score · 0.00086 EPSS
Exploits 0 · References 3
Debian CVE
added 2020/12/03 12:00 a.m. · 36 views

CVE-2020-27759

In IntensityCompare of /MagickCore/quantize.c, a double value was being cast to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat...

4.3 CVSS · 5.9 AI score · 0.00086 EPSS
Exploits 0
CVE
added 2020/12/03 12:00 a.m. · 201 views

CVE-2020-27759

ImageMagick CVE-2020-27759: In IntensityCompare() (MagickCore/quantize.c) a double value could be cast to int, returning a value outside the int range when processing crafted input; Red Hat marks the issue as Low severity and reports no specific impact beyond potential availability impact. Affect...

4.3 CVSS · 4.8 AI score · 0.00086 EPSS
Exploits 0 · References 3 · Affected Software 1
RedhatCVE
added 2020/11/24 7:54 p.m. · 23 views

CVE-2020-27769

In ImageMagick, there are values outside the range of representable values of type 'float' at MagickCore/quantize.c...

4.3 CVSS · 2.2 AI score · 0.00086 EPSS
Exploits 0 · References 3
RedhatCVE
added 2020/11/24 7:54 p.m. · 27 views

CVE-2020-27759

In IntensityCompare of /MagickCore/quantize.c, a double value was being cast to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick...

4.3 CVSS · 2.3 AI score · 0.00086 EPSS
Exploits 0 · References 3
Positive Technologies
added 2019/10/10 12:00 a.m. · 6 views

PT-2019-5849 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.9-0
Description: The issue is related to an integer overflow in the MagickCore/quantize.c component of the ImageMagick console graphic editor. This allows a remote attacker to cause a denial of service. The...

8.8 CVSS · 6.1 AI score · 0.88643 EPSS
Exploits 64 · References 331
NVD
added 2019/04/29 4:29 p.m. · 17 views

CVE-2019-11598

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c...

8.1 CVSS · 8.7 AI score · 0.00222 EPSS
Exploits 1 · References 8
CNVD
added 2018/06/01 12:00 a.m. · 1 view

ImageMagick heap buffer overread vulnerability (CNVD-2018-12312)

ImageMagick is software for creating, editing, and compositing images that can read, convert, and write images in many formats. A heap buffer over-read vulnerability exists in SetGrayscaleImage in quantize.c in ImageMagick 7.0.7-37 Q16. It allows an attacker to cause the heap buffer to be over-read...

8.8 CVSS · 8.2 AI score · 0.00348 EPSS
Exploits 1 · References 1
RedhatCVE
added 2018/05/31 10:18 p.m. · 25 views

CVE-2018-11625

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file...

8.8 CVSS · 4.5 AI score · 0.00348 EPSS
Exploits 1 · References 2
NVD
added 2018/05/31 4:29 p.m. · 15 views

CVE-2018-11625

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file...

8.8 CVSS · 8.4 AI score · 0.00348 EPSS
Exploits 1 · References 2