Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 8:7.1.2.13+dfsg1-1ubuntu1 |
| esm-apps/focal | released | 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm8 |
| esm-apps/jammy | released | 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8 |
| esm-apps/noble | released | 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7 |
| esm-infra-legacy/trusty | released | 8:6.7.7.10-6ubuntu3.13+esm19 |
| esm-infra/bionic | released | 8:6.9.7.4+dfsg-16ubuntu6.15+esm10 |
| esm-infra/xenial | released | 8:6.8.9.9-7ubuntu5.16+esm18 |
| jammy | needed | |
| noble | needed | |
| questing | needed |
Показывать по
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
ImageMagick is free and open-source software used for editing and mani ...
ImageMagick has Use After Free in MSLStartElement in "coders/msl.c"
EPSS
5.3 Medium
CVSS3