Updated: 2024-11-24 03:52:41.200344
Description:
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | MEDIUM | 4.3 |
CVSS Version 3.x | LOW | 3.3 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
Ubuntu 16.04 ELS | imagemagick | 6.8.9.9-7 | 3.3 | LOW | Released | CLSA-2024:1732555093 | 2024-11-25 13:33:26 |