Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-12418

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-04 Aug, 2017 | 00:00
Updated At-05 Aug, 2024 | 18:36
Rejected At-
Credits

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:04 Aug, 2017 | 00:00
Updated At:05 Aug, 2024 | 18:36
Rejected At:
▼CVE Numbering Authority (CNA)

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/ImageMagick/ImageMagick/issues/643
x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/
vendor-advisory
x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://github.com/ImageMagick/ImageMagick/issues/643
Resource:
x_refsource_CONFIRM
Hyperlink: https://usn.ubuntu.com/3681-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://security.gentoo.org/glsa/201711-07
Resource:
vendor-advisory
x_refsource_GENTOO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/ImageMagick/ImageMagick/issues/643
x_refsource_CONFIRM
x_transferred
https://usn.ubuntu.com/3681-1/
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://security.gentoo.org/glsa/201711-07
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://github.com/ImageMagick/ImageMagick/issues/643
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://usn.ubuntu.com/3681-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201711-07
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:04 Aug, 2017 | 00:29
Updated At:20 Apr, 2025 | 01:37

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
ImageMagick Studio LLC
imagemagick
>>imagemagick>>7.0.6-5
cpe:2.3:a:imagemagick:imagemagick:7.0.6-5:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-772Primarynvd@nist.gov
CWE ID: CWE-772
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/ImageMagick/ImageMagick/issues/643cve@mitre.org
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201711-07cve@mitre.org
N/A
https://usn.ubuntu.com/3681-1/cve@mitre.org
N/A
https://github.com/ImageMagick/ImageMagick/issues/643af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201711-07af854a3a-2127-422b-91ae-364da2661108
N/A
https://usn.ubuntu.com/3681-1/af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://github.com/ImageMagick/ImageMagick/issues/643
Source: cve@mitre.org
Resource:
Issue Tracking
Patch
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201711-07
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://usn.ubuntu.com/3681-1/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/ImageMagick/ImageMagick/issues/643
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Patch
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201711-07
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://usn.ubuntu.com/3681-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

253Records found
CVE-2017-15033
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.86%
||
7 Day CHG~0.00%
Published-05 Oct, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

Action-Not Available
Vendor-n/aCanonical Ltd.ImageMagick Studio LLC
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-12428
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.40%
||
7 Day CHG~0.00%
Published-04 Aug, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2014-9804
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.22% / 78.27%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2016-10252
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.84% / 73.72%
||
7 Day CHG~0.00%
Published-14 Mar, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2016-10067
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.09%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8895
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.55% / 80.67%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-9854
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.72% / 81.61%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

Action-Not Available
Vendor-n/aCanonical Ltd.SUSEopenSUSEImageMagick Studio LLC
Product-linux_enterprise_serversuse_linux_enterprise_serverleapimagemagicklinux_enterprise_software_development_kitubuntu_linuxopensusen/a
CVE-2014-9839
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.67% / 70.47%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9850
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.60% / 80.95%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serversuse_linux_enterprise_software_development_kitleapimagemagickubuntu_linuxsuse_linux_enterprise_desktopopensusen/a
CVE-2014-9851
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.03% / 83.06%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-9842
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.36% / 84.30%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-9848
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.11% / 83.39%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_server_for_raspberry_pisuse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitimagemagickubuntu_linuxsuse_linux_enterprise_desktopopensusen/a
CVE-2014-9849
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.60% / 80.95%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-6497
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.82% / 73.46%
||
7 Day CHG~0.00%
Published-06 Mar, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-7619
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.34%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2005-1739
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-12.13% / 93.55%
||
7 Day CHG~0.00%
Published-24 May, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

Action-Not Available
Vendor-n/aGraphicsMagickImageMagick Studio LLC
Product-imagemagickgraphicsmagickn/a
CVE-2005-0759
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.50% / 80.36%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.ImageMagick Studio LLC
Product-imagemagickpropackn/a
CVE-2005-0760
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.91% / 74.90%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2005-0761
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.07% / 76.88%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.ImageMagick Studio LLC
Product-imagemagickpropackn/a
CVE-2005-1275
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-16.48% / 94.63%
||
7 Day CHG~0.00%
Published-26 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.

Action-Not Available
Vendor-n/aGraphicsMagickImageMagick Studio LLC
Product-imagemagickgraphicsmagickn/a
CVE-2019-7398
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.06%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-7175
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.06%
||
7 Day CHG~0.00%
Published-07 Mar, 2019 | 22:00
Updated-04 Aug, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2012-1610
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-7.03% / 91.11%
||
7 Day CHG~0.00%
Published-05 Jun, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEImageMagick Studio LLCDebian GNU/Linux
Product-debian_linuxopensuseimagemagickubuntu_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-3610
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.76%
||
7 Day CHG+0.01%
Published-24 Feb, 2022 | 00:00
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora ProjectImageMagick Studio LLC
Product-enterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-14137
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.86%
||
7 Day CHG~0.00%
Published-04 Sep, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-14739
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 70.87%
||
7 Day CHG~0.00%
Published-26 Sep, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-12435
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.76% / 72.35%
||
7 Day CHG~0.00%
Published-04 Aug, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-12805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.37%
||
7 Day CHG~0.00%
Published-09 May, 2019 | 15:29
Updated-05 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-12806
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.37%
||
7 Day CHG~0.00%
Published-09 May, 2019 | 15:11
Updated-05 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-12429
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.57% / 67.53%
||
7 Day CHG~0.00%
Published-04 Aug, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-11188
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.37% / 57.92%
||
7 Day CHG~0.00%
Published-12 Jul, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-834
Excessive Iteration
CVE-2016-7539
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-2.91% / 85.84%
||
7 Day CHG~0.00%
Published-25 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2016-6823
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.92% / 74.96%
||
7 Day CHG~0.00%
Published-18 Jan, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-12430
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.76% / 72.35%
||
7 Day CHG~0.00%
Published-04 Aug, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-7397
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.91%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.Debian GNU/LinuxGraphicsMagickopenSUSE
Product-ubuntu_linuxdebian_linuximagemagickgraphicsmagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-7395
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.74% / 85.40%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-7396
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.74% / 85.40%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2018-5247
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.41% / 60.35%
||
7 Day CHG~0.00%
Published-05 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-5357
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.47% / 63.56%
||
7 Day CHG~0.00%
Published-12 Jan, 2018 | 09:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-5246
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.66% / 70.04%
||
7 Day CHG~0.00%
Published-05 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-5358
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.41% / 60.21%
||
7 Day CHG~0.00%
Published-12 Jan, 2018 | 09:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-6405
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.76% / 72.27%
||
7 Day CHG~0.00%
Published-30 Jan, 2018 | 21:00
Updated-05 Aug, 2024 | 06:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-13153
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 41.91%
||
7 Day CHG~0.00%
Published-05 Jul, 2018 | 02:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-17965
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.18%
||
7 Day CHG~0.00%
Published-03 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-16640
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.82%
||
7 Day CHG~0.00%
Published-06 Sep, 2018 | 22:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-14436
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.65%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 00:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-14435
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.65%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 00:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-14437
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 32.23%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 00:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-18544
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.03%
||
7 Day CHG~0.00%
Published-21 Oct, 2018 | 01:00
Updated-05 Aug, 2024 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.

Action-Not Available
Vendor-n/aImageMagick Studio LLCGraphicsMagickopenSUSE
Product-imagemagickgraphicsmagickleapn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-17966
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.18%
||
7 Day CHG~0.00%
Published-03 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found