Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-27752

Опубликовано: 08 дек. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.8
CVSS3: 7.1

Описание

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.

РелизСтатусПримечание
bionic

ignored

end of standard support, was deferred
devel

not-affected

8:6.9.11.60+dfsg-1ubuntu1
esm-apps/focal

deferred

esm-apps/jammy

not-affected

8:6.9.11.60+dfsg-1ubuntu1
esm-apps/noble

not-affected

8:6.9.11.60+dfsg-1ubuntu1
esm-infra-legacy/trusty

deferred

esm-infra/bionic

deferred

esm-infra/xenial

deferred

focal

ignored

end of standard support, was deferred
groovy

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%
0.0032
Низкий

5.8 Medium

CVSS2

7.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-27752

CVSS3: 7.1
redhat
больше 6 лет назад

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.

nvd логотип

CVE-2020-27752

CVSS3: 7.1
nvd
около 5 лет назад

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.

debian логотип

CVE-2020-27752

CVSS3: 7.1
debian
около 5 лет назад

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An at ...

github логотип

GHSA-8h84-r7fq-5pcm

github
больше 3 лет назад

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.

fstec логотип

BDU:2021-01009

CVSS3: 7.1
fstec
около 5 лет назад

Уязвимость консольного графического редактора ImageMagick, вызванная переполнением буфера, позволяющая нарушителю оказать воздействие на целостность и доступность защищаемой информации

EPSS

Процентиль: 55%
0.0032
Низкий

5.8 Medium

CVSS2

7.1 High

CVSS3