Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-32547

Опубликовано: 09 апр. 2022
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

A flaw was found in ImageMagick, where there is a load of a misaligned address for type 'double,' which requires 8-byte alignment, and for type 'float,' which requires 4-byte alignment at MagickCore/property.c. Whenever ImageMagick processes crafted or untrusted input, this causes a negative impact on application availability or other problems related to undefined behavior.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6ImageMagickOut of support scope
Red Hat Enterprise Linux 7ImageMagickOut of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-704->CWE-681
https://bugzilla.redhat.com/show_bug.cgi?id=2091813ImageMagick: load of misaligned address at MagickCore/property.c

EPSS

Процентиль: 29%
0.00104
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-32547

CVSS3: 7.8
ubuntu
больше 3 лет назад

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

nvd логотип

CVE-2022-32547

CVSS3: 7.8
nvd
больше 3 лет назад

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

debian логотип

CVE-2022-32547

CVSS3: 7.8
debian
больше 3 лет назад

In ImageMagick, there is load of misaligned address for type 'double', ...

github логотип

GHSA-mw6j-c5j9-xc24

CVSS3: 7.8
github
больше 3 лет назад

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

fstec логотип

BDU:2023-01724

CVSS3: 7.5
fstec
почти 4 года назад

Уязвимость компонента MagickCore/property.c консольного графического редактора ImageMagick, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 29%
0.00104
Низкий

5.5 Medium

CVSS3