ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a PSD file that can claim to have a large length
to the ReadPSDLayersInternal()
function in coders/psd.c
to cause a large loop that consumes CPU resources.
github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8
github.com/ImageMagick/ImageMagick/commit/89b6168540eb09b5f7fb6155717eb5c4174604b7
github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64
github.com/ImageMagick/ImageMagick/issues/714
lists.debian.org/debian-lts-announce/2019/05/msg00015.html
lists.debian.org/debian-lts-announce/2020/09/msg00007.html
security.gentoo.org/glsa/201711-07
usn.ubuntu.com/3681-1/