GraphicsmagickCVEs & Vulnerabilities

121 CVEs affecting Graphicsmagick products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

graphicsmagick 283
CVE-2017-16353MEDIUMpoc

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.

1 Nov 2017
6.5
CVSS
CVE-2017-16352HIGHpoc

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

1 Nov 2017
8.8
CVSS
CVE-2017-15930HIGH

In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.

27 Oct 2017
8.8
CVSS
CVE-2017-15277MEDIUM

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.

12 Oct 2017
6.5
CVSS
CVE-2017-15238HIGH

ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.

11 Oct 2017
8.8
CVSS
CVE-2017-14997MEDIUM

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.

4 Oct 2017
6.5
CVSS
CVE-2017-14994MEDIUM

ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.

4 Oct 2017
6.5
CVSS
CVE-2017-14733MEDIUM

ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

26 Sep 2017
6.5
CVSS
CVE-2017-14649MEDIUM

ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).

21 Sep 2017
5.5
CVSS
CVE-2017-14504MEDIUM

ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.

17 Sep 2017
6.5
CVSS
CVE-2017-14314MEDIUM

Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.

12 Sep 2017
6.5
CVSS
CVE-2017-14165MEDIUM

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.

6 Sep 2017
6.5
CVSS
CVE-2017-14103HIGH

The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403.

1 Sep 2017
8.8
CVSS
CVE-2017-14042MEDIUM

A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.

31 Aug 2017
6.5
CVSS
CVE-2017-13777MEDIUM

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.

30 Aug 2017
6.5
CVSS
CVE-2017-13776MEDIUM

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.

30 Aug 2017
6.5
CVSS
CVE-2017-13775MEDIUM

GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.

30 Aug 2017
6.5
CVSS
CVE-2017-13737MEDIUM

There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

29 Aug 2017
6.5
CVSS
CVE-2017-13736MEDIUM

There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

29 Aug 2017
6.5
CVSS
CVE-2017-13648MEDIUM

In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.

24 Aug 2017
6.5
CVSS
CVE-2017-13147HIGH

In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.

23 Aug 2017
8.8
CVSS
CVE-2017-13066MEDIUM

GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.

22 Aug 2017
6.5
CVSS
CVE-2017-13065MEDIUM

GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.

22 Aug 2017
6.5
CVSS
CVE-2017-13064MEDIUM

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.

22 Aug 2017
6.5
CVSS
CVE-2017-13063MEDIUM

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.

22 Aug 2017
6.5
CVSS
CVE-2017-12937HIGH

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.

18 Aug 2017
8.8
CVSS
CVE-2017-12936HIGH

The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.

18 Aug 2017
8.8
CVSS
CVE-2017-12935HIGH

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.

18 Aug 2017
8.8
CVSS
CVE-2017-11722MEDIUM

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition.

28 Jul 2017
6.5
CVSS
CVE-2017-11643CRITICAL

GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.

26 Jul 2017
9.8
CVSS
CVE-2017-11642HIGH

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.

26 Jul 2017
8.8
CVSS
CVE-2017-11641CRITICAL

GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.

26 Jul 2017
9.8
CVSS
CVE-2017-11638HIGH

GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.

26 Jul 2017
8.8
CVSS
CVE-2017-11637CRITICAL

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.

26 Jul 2017
9.8
CVSS
CVE-2017-11636CRITICAL

GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.

26 Jul 2017
9.8
CVSS
CVE-2017-11403HIGH

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.

18 Jul 2017
8.8
CVSS
CVE-2017-11140MEDIUM

The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.

10 Jul 2017
5.5
CVSS
CVE-2017-11139CRITICAL

GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.

10 Jul 2017
9.8
CVSS
CVE-2017-11102HIGH

The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure.

7 Jul 2017
7.5
CVSS
CVE-2017-10800MEDIUM

When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.

3 Jul 2017
5.5
CVSS
CVE-2017-10799MEDIUM

When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().

3 Jul 2017
5.5
CVSS
CVE-2017-10794MEDIUM

When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.

3 Jul 2017
5.5
CVSS
CVE-2017-9098HIGH

ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.

19 May 2017
7.5
CVSS
CVE-2017-6335MEDIUM

The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.

14 Mar 2017
5.5
CVSS
CVE-2016-9830MEDIUM

The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.

1 Mar 2017
5.5
CVSS
CVE-2016-5240MEDIUM

The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.

28 Feb 2017
5.5
CVSS
CVE-2016-8684HIGH

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

15 Feb 2017
7.8
CVSS
CVE-2016-8683HIGH

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

15 Feb 2017
7.8
CVSS
Graphicsmagick CVEs & Vulnerabilities — 121 Tracked — Page 2