Lucene search
Veracode Vulnerability DatabaseVERACODE:5036HistorySep 08, 2017 - 3:37 a.m.
Denial Of Service (DoS) Through CPU Consumption
2017-09-0803:37:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.007
Percentile
80.6%
ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a PSD file that can claim to have a large length to the ReadPSDLayersInternal() function in coders/psd.c to cause a large loop that consumes CPU resources.
References
github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8
github.com/ImageMagick/ImageMagick/commit/89b6168540eb09b5f7fb6155717eb5c4174604b7
github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64
github.com/ImageMagick/ImageMagick/issues/714
lists.debian.org/debian-lts-announce/2019/05/msg00015.html
lists.debian.org/debian-lts-announce/2020/09/msg00007.html
security.gentoo.org/glsa/201711-07
usn.ubuntu.com/3681-1/
Related
cvelist
cvelist
CVE-2017-14174
2017-09-07 06:00:00
redhatcve
redhatcve
CVE-2017-14174
2017-09-08 08:30:38
debiancve
debiancve
CVE-2017-14174
2017-09-07 06:29:00
prion
prion
Design/Logic Flaw
2017-09-07 06:29:00
nvd
nvd
CVE-2017-14174
2017-09-07 06:29:00
ubuntucve
ubuntucve
CVE-2017-14174
2017-09-07 00:00:00
cve
cve
CVE-2017-14174
2017-09-07 06:29:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0017-1)
2018-01-04 00:00:00
SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2018:0043-1)
2018-01-10 00:00:00
openSUSE Security Update : ImageMagick (openSUSE-2018-7)
2018-01-08 00:00:00
suse
suse
Security update for ImageMagick (important)
2018-01-04 15:09:43
Security update for ImageMagick (important)
2018-01-05 18:08:13
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:0043-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2018:0025-1)
2018-01-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0017-1)
2021-04-19 00:00:00
debian
debian
[SECURITY] [DLA 1131-1] imagemagick security update
2017-10-11 02:59:21
[SECURITY] [DLA 1785-1] imagemagick security update
2019-05-14 10:40:29
[SECURITY] [DLA 2366-1] imagemagick security update
2020-09-07 21:24:40
osv
osv
imagemagick - security update
2017-10-10 00:00:00
imagemagick - security update
2020-09-07 00:00:00
imagemagick - security update
2019-05-13 00:00:00
gentoo
gentoo
ImageMagick: Multiple vulnerabilities
2017-11-11 00:00:00
cloudfoundry
cloudfoundry
USN-3681-1: ImageMagick vulnerabilities | Cloud Foundry
2018-06-14 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2018-06-12 00:00:00