| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-3718 | 4.3 |
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
|
24-07-2024 - 17:05 | 05-05-2016 - 18:59 | |
| CVE-2020-29599 | 6.8 |
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible
|
11-03-2023 - 23:15 | 07-12-2020 - 20:15 | |
| CVE-2020-29599 | None |
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible
|
07-12-2020 - 20:15 | 07-12-2020 - 20:15 | |
| CVE-2019-9956 | 6.8 |
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.
|
24-08-2020 - 17:37 | 24-03-2019 - 00:29 | |
| CVE-2012-1798 | 4.3 |
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
|
31-07-2020 - 18:43 | 05-06-2012 - 22:55 | |
| CVE-2016-5240 | 4.3 |
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
|
18-05-2018 - 01:29 | 27-02-2017 - 22:59 |