CVE-2019-10649

Опубликовано: 30 мар. 2019

Источник: debian

EPSS Низкий

Описание

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
imagemagick	fixed	8:6.9.11.24+dfsg-1		package

Примечания

https://github.com/ImageMagick/ImageMagick/issues/1533
https://github.com/ImageMagick/ImageMagick/commit/d3ae9c19125c8704b4866381f7a064ca2cbdc006
ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e3417aebe17cbe274b7361aa92c83226ca5b646b

EPSS

Процентиль: 68%

0.00571

Низкий

Связанные уязвимости

CVE-2019-10649

CVSS3: 5.5

ubuntu

почти 7 лет назад

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

CVE-2019-10649

CVSS3: 5.5

redhat

почти 7 лет назад

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

CVE-2019-10649

CVSS3: 5.5

nvd

почти 7 лет назад

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

GHSA-x7gh-h4gm-34v3

CVSS3: 6.5

github

больше 3 лет назад

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

BDU:2020-01539

CVSS3: 6.5

fstec

почти 7 лет назад

Уязвимость функции SVGKeyValuePairs консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 68%

0.00571

Низкий