Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-20313

Опубликовано: 11 мая 2021
Источник: debian
EPSS Низкий

Описание

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
imagemagickfixed8:6.9.12.20+dfsg1-1experimentalpackage
imagemagickfixed8:6.9.11.60+dfsg-1.5package
imagemagickfixed8:6.9.11.60+dfsg-1.3+deb11u4bullseyepackage

Примечания

  • https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482

  • IM6: https://github.com/ImageMagick/ImageMagick6/commit/e53e24b078f7fa586f9cc910491b8910f5bdad2e

EPSS

Процентиль: 47%
0.00242
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-20313

CVSS3: 7.5
ubuntu
больше 4 лет назад

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

redhat логотип

CVE-2021-20313

CVSS3: 5.1
redhat
почти 5 лет назад

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

nvd логотип

CVE-2021-20313

CVSS3: 7.5
nvd
больше 4 лет назад

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

github логотип

GHSA-vrm6-xcmv-x82r

CVSS3: 7.5
github
больше 3 лет назад

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

fstec логотип

BDU:2021-05209

CVSS3: 7.5
fstec
почти 5 лет назад

Уязвимость функции TransformSignature компонента MagickCore/signature.c консольного графического редактора ImageMagick, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 47%
0.00242
Низкий