Описание
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 3.4.3~rc2-2ubuntu4.1 |
| cosmic | ignored | end of life |
| devel | not-affected | 3.7.0-2 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | released | 3.4.3~rc2-2ubuntu4.1 |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | not-affected | 3.7.0-2 |
| esm-apps/xenial | released | 3.4.0~rc6-1ubuntu3+esm1 |
Показывать по
EPSS
7.5 High
CVSS2
4.9 Medium
CVSS3
Связанные уязвимости
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing ...
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
EPSS
7.5 High
CVSS2
4.9 Medium
CVSS3