Описание
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present, 7.x only |
| devel | not-affected | code not present, 7.x only |
| esm-apps/focal | not-affected | code not present, 7.x only |
| esm-apps/jammy | not-affected | code not present, 7.x only |
| esm-infra/bionic | not-affected | code not present, 7.x only |
| esm-infra/xenial | not-affected | code not present, 7.x only |
| focal | not-affected | code not present, 7.x only |
| hirsute | not-affected | code not present, 7.x only |
| impish | not-affected | code not present, 7.x only |
| jammy | not-affected | code not present, 7.x only |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in ImageMagick where it did not properly sanitize cer ...
A flaw was found in ImageMagick 7.1.0-14 where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Уязвимость консольного графического редактора ImageMagick, связанная с использованием памяти после её освобождения, позволяющая нарушителю оказать влияние на целостность, доступность и конфиденциальность защищаемой информации
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3