Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

61 – 70 of 642 results


CVE-2020-25674

Low priority
Fixed

WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-25667

Medium priority
Not affected

TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages

CVE-2020-25666

Low priority
Fixed

There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-25665

Low priority
Fixed

The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-25664

Medium priority

Some fixes available 2 of 13

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Vulnerable Vulnerable Vulnerable Vulnerable Fixed
Show less packages

CVE-2020-25663

Medium priority
Not affected

A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages

CVE-2020-29599

Negligible priority

Some fixes available 1 of 2

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Fixed Not affected Not affected
Show less packages

CVE-2020-27773

Low priority
Fixed

A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-27772

Low priority
Fixed

A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would...

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-27776

Low priority
Fixed

A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long....

1 affected packages

imagemagick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages