Описание
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.3.26-18 |
| cosmic | not-affected | 1.3.26-18 |
| devel | not-affected | 1.3.26-18 |
| disco | not-affected | 1.3.26-18 |
| eoan | not-affected | 1.3.26-18 |
| esm-apps/bionic | not-affected | 1.3.26-18 |
| esm-apps/focal | not-affected | 1.3.26-18 |
| esm-apps/jammy | not-affected | 1.3.26-18 |
| esm-apps/xenial | released | 1.3.23-1ubuntu0.5 |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 doe ...
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.
Уязвимость функции DrawImage (magick/render.c) кроссплатформенной библиотеки для работы с графикой GraphicsMagick, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
6.8 Medium
CVSS2
8.8 High
CVSS3