Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-20224

Опубликовано: 25 авг. 2022
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.

An integer overflow issue was found in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in outside the range of representable values for the type 'unsigned char.' When ImageMagick processes a crafted pdf file, this issue could lead to undefined behavior or a crash.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6ImageMagickNot affected
Red Hat Enterprise Linux 7ImageMagickOut of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=2124173ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c

EPSS

Процентиль: 3%
0.00019
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-20224

CVSS3: 5.5
ubuntu
почти 3 года назад

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.

nvd логотип

CVE-2021-20224

CVSS3: 5.5
nvd
почти 3 года назад

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.

debian логотип

CVE-2021-20224

CVSS3: 5.5
debian
почти 3 года назад

An integer overflow issue was discovered in ImageMagick's ExportIndexQ ...

suse-cvrf логотип

SUSE-SU-2022:3138-1

suse-cvrf
почти 3 года назад

Security update for ImageMagick

github логотип

GHSA-ccpc-2gr7-q87w

CVSS3: 5.5
github
почти 3 года назад

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.

EPSS

Процентиль: 3%
0.00019
Низкий

5.5 Medium

CVSS3

Уязвимость CVE-2021-20224