CVE-2020-13902

Опубликовано: 07 июн. 2020

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 5.8

CVSS3: 7.1

Описание

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.

Релиз	Статус	Примечание
bionic	not-affected	code not present
devel	not-affected	code not present
eoan	ignored	end of life
esm-apps/focal	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/xenial	not-affected	code not present
focal	not-affected	code not present
precise/esm	DNE
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 51%

0.00278

Низкий

5.8 Medium

CVSS2

7.1 High

CVSS3

Связанные уязвимости

CVE-2020-13902

CVSS3: 7.1

redhat

больше 5 лет назад

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.

CVE-2020-13902

CVSS3: 7.1

nvd

больше 5 лет назад

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.

CVE-2020-13902

CVSS3: 7.1

debian

больше 5 лет назад

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-re ...

GHSA-mg9m-6vj7-7v9f

github

больше 3 лет назад

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.

EPSS

Процентиль: 51%

0.00278

Низкий

5.8 Medium

CVSS2

7.1 High

CVSS3

CVE-2020-13902

Описание

Пакет imagemagick

Ссылки на источники

Связанные уязвимости