CVE-2020-27560 - ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which ma

CVE-2020-27560

Summary

ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.

References

Vulnerable Configurations

cpe:2.3:a:imagemagick:imagemagick:7.0.10-34:*:*:*:*:*:*:*
cpe:2.3:a:imagemagick:imagemagick:7.0.10-34:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

misc	https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4
mlist	[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update
suse	openSUSE-SU-2020:1884

Last major update

11-03-2023 - 23:15

Published

22-10-2020 - 14:15

Last modified

11-03-2023 - 23:15