Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22892
HistoryApr 01, 2020 - 12:39 a.m.

Denial Of Service (DoS)

2020-04-0100:39:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23
denial of service
imagemagick
vulnerability
buffer over-read

EPSS

0.004

Percentile

74.6%

imagemagick is vulnerable to denial of service (DoS). The vulnerability exists through a heap-based buffer over-read in AdaptiveThresholdImage in MagickCore/threshold.c.

Affected configurations

Vulners
Node
imagemagickimagemagickMatch6.7.8.9_18.el7
OR
imagemagickimagemagickMatch6.7.8.9_16.el7_6
OR
imagemagickimagemagickMatch6.7.8.9_15.el7_2
OR
-autotraceMatch0.31.1_37.el7
OR
inkscapeinkscapeMatch0.92.2_2.el7
OR
emacsMatch24.3_20.el7_4
OR
emacsMatch24.3_22.el7
OR
-imagemagick6Match6.9.10.39-r0
OR
-imagemagick\Matchbullseye8\6.9.11.24+dfsg-1+b2
OR
-imagemagick\Matchsid8\6.9.11.24+dfsg-1+b2
OR
-imagemagick\Matchstretch8\6.9.7.4+dfsg-11+deb9u8
VendorProductVersionCPE
imagemagickimagemagick6.7.8.9_18.el7cpe:2.3:a:imagemagick:imagemagick:6.7.8.9_18.el7:*:*:*:*:*:*:*
imagemagickimagemagick6.7.8.9_16.el7_6cpe:2.3:a:imagemagick:imagemagick:6.7.8.9_16.el7_6:*:*:*:*:*:*:*
imagemagickimagemagick6.7.8.9_15.el7_2cpe:2.3:a:imagemagick:imagemagick:6.7.8.9_15.el7_2:*:*:*:*:*:*:*
-autotrace0.31.1_37.el7cpe:2.3:a:-:autotrace:0.31.1_37.el7:*:*:*:*:*:*:*
inkscapeinkscape0.92.2_2.el7cpe:2.3:a:inkscape:inkscape:0.92.2_2.el7:*:*:*:*:*:*:*
*emacs24.3_20.el7_4cpe:2.3:a:*:emacs:24.3_20.el7_4:*:*:*:*:*:*:*
*emacs24.3_22.el7cpe:2.3:a:*:emacs:24.3_22.el7:*:*:*:*:*:*:*
-imagemagick66.9.10.39-r0cpe:2.3:a:-:imagemagick6:6.9.10.39-r0:*:*:*:*:*:*:*
-imagemagick\bullseyecpe:2.3:a:-:imagemagick\:bullseye:8\:6.9.11.24+dfsg-1+b2:*:*:*:*:*:*:*
-imagemagick\sidcpe:2.3:a:-:imagemagick\:sid:8\:6.9.11.24+dfsg-1+b2:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

References