Imagemagick » Imagemagick : Security Vulnerabilities, CVEs, Published In 2017 (Information Leak)

CVE-2017-15277

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
Max CVSS
6.5
EPSS Score
1.81%
Published
2017-10-12
Updated
2018-10-18

CVE-2017-13143

In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.
Max CVSS
7.5
EPSS Score
0.63%
Published
2017-08-23
Updated
2018-06-14

CVE-2017-11448

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
Max CVSS
6.5
EPSS Score
0.22%
Published
2017-07-19
Updated
2021-04-28
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close