Описание
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.3.27-3 |
| cosmic | not-affected | 1.3.27-3 |
| devel | not-affected | 1.3.27-3 |
| disco | not-affected | 1.3.27-3 |
| eoan | not-affected | 1.3.27-3 |
| esm-apps/bionic | not-affected | 1.3.27-3 |
| esm-apps/xenial | released | 1.3.23-1ubuntu0.6 |
| esm-infra-legacy/trusty | not-affected | code not present |
| precise/esm | DNE |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buf ...
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
Уязвимость функции WriteWEBPImage (coders/webp.c) кроссплатформенной библиотеки для работы с графикой GraphicsMagick, позволяющая нарушителю выполнить произвольный код
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3