summaryrefslogtreecommitdiffstats
path: root/data/CVE/2017.list
diff options
context:
space:
mode:
authorsecurity tracker role <sectracker@soriano.debian.org>2020-09-07 08:10:16 +0000
committersecurity tracker role <sectracker@soriano.debian.org>2020-09-07 08:10:16 +0000
commit74789c21a3ad4e3bb20d0d61a4e013c7972a1b8e (patch)
tree11abc3cc7b96db42698e4bafbe0f20aed3080670 /data/CVE/2017.list
parentfa1ddfb647a9d2bdd287b5c4f3558b175d1167b1 (diff)
automatic update
Diffstat (limited to 'data/CVE/2017.list')
-rw-r--r--data/CVE/2017.list82
1 files changed, 43 insertions, 39 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index f9fa0a7c3a..7ee7506c53 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -1413,7 +1413,7 @@ CVE-2017-18275 (A new account can be inserted into simContacts service using And
CVE-2017-18274 (While iterating through the models contained in a fixed-size array in ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18273 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulner ...)
- {DLA-1785-1 DLA-1381-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/910
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8fcb59e9e1d1189caf2e0f5e39346944dcd6b9d
@@ -1425,7 +1425,7 @@ CVE-2017-18272 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-af
NOTE: https://github.com/ImageMagick/ImageMagick/issues/918
NOTE: https://github.com/ImageMagick/ImageMagick/commit/93d029b70ac766ce0b5d7261a2dd334535f48038
CVE-2017-18271 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulner ...)
- {DLA-1785-1 DLA-1381-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/911
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7523250e2664028aa1d8f02d2d7ae49c769a851e
@@ -1717,6 +1717,7 @@ CVE-2017-18214 (The moment module before 2.19.3 for Node.js is prone to a regula
CVE-2017-18212 (An issue was discovered in JerryScript 1.0. There is a heap-based buff ...)
NOT-FOR-US: JerryScript
CVE-2017-18211 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was fou ...)
+ {DLA-2366-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[jessie] - imagemagick <not-affected> (vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
@@ -1730,6 +1731,7 @@ CVE-2017-18210 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability w
NOTE: The commit referenced the wrong issue in the upstream issue tracker, but
NOTE: as noted in https://github.com/ImageMagick/ImageMagick/issues/791#issuecomment-334050314
CVE-2017-18209 (In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in Im ...)
+ {DLA-2366-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[jessie] - imagemagick <not-affected> (vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
@@ -2392,7 +2394,7 @@ CVE-2017-1000478 (ELabftw version 1.7.8 is vulnerable to stored cross-site scrip
CVE-2017-1000477 (XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result ...)
NOT-FOR-US: XMLBundle
CVE-2017-1000476 (ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in ...)
- {DLA-1785-1 DLA-1229-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3
NOTE: https://github.com/ImageMagick/ImageMagick/issues/867
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e5dae180b9236bccd73ce93bfce81e99232a8533
@@ -2507,7 +2509,7 @@ CVE-2017-1000449
CVE-2017-1000448 (Structured Data Linter versions 2.4.1 and older are vulnerable to a di ...)
NOT-FOR-US: Structured Data Linter
CVE-2017-1000445 (ImageMagick 7.0.7-1 and older version are vulnerable to null pointer d ...)
- {DLA-1785-1 DLA-1229-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886281)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/775
NOTE: https://github.com/ImageMagick/ImageMagick/commit/441fde32557eb3cec573b0f877ac324173feed7f
@@ -2844,7 +2846,7 @@ CVE-2017-17915 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-base
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/535/
CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ...)
- {DLA-1785-1 DLA-1227-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886584)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/908
NOTE: https://github.com/ImageMagick/ImageMagick/commit/650ec57d84b7b1dce66435b8cd3b58f7ae66db1b
@@ -3606,7 +3608,7 @@ CVE-2017-17684 (Panda Global Protection 17.0.1 allows a system crash via a 0xb37
CVE-2017-17683 (Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 ...)
NOT-FOR-US: Panda Global Protection
CVE-2017-17682 (In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in t ...)
- {DLA-1785-1 DLA-1227-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #885942)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/870
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/da649f031e36753c69268c5c027e695b8ae45e9a
@@ -10261,7 +10263,7 @@ CVE-2017-15283
CVE-2017-15282
RESERVED
CVE-2017-15281 (ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote atta ...)
- {DLA-1785-1 DLA-1139-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1139-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878579)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/832
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e9d1c2adae866861a291535997b2263f26becb1e
@@ -11228,7 +11230,7 @@ CVE-2017-15018 (LAME 3.99.5 has a heap-based buffer over-read when handling a ma
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability i ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878554)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/723
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a1006a249516a875558c3d642e719b1eac8f820
@@ -11241,7 +11243,7 @@ CVE-2017-15016 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerabi
NOTE: https://github.com/ImageMagick/ImageMagick/commit/27f8ba82ddd665ab41cef6588128f680cbd69905
NOTE: emf.c not compiled under Debian
CVE-2017-15015 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability i ...)
- {DLA-1785-1}
+ {DLA-2366-1 DLA-1785-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878555)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/724
@@ -12028,7 +12030,7 @@ CVE-2017-14743 (Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQ
CVE-2017-14742 (Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to ex ...)
NOT-FOR-US: LabF nfsAxe
CVE-2017-14741 (The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7 ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878548)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/771
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d8e14899c562157c7760a77fc91625a27cb596f
@@ -12036,7 +12038,7 @@ CVE-2017-14741 (The ReadCAPTIONImage function in coders/caption.c in ImageMagick
CVE-2017-14740 (Cross-site scripting (XSS) vulnerability in GeniXCMS 1.1.0 allows remo ...)
NOT-FOR-US: GeniXCMS
CVE-2017-14739 (The AcquireResampleFilterThreadSet function in magick/resample-private ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878547)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/780
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6017a80fe8327fefb77fa677d81154db2b857d1d
@@ -12406,7 +12408,7 @@ CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxL
CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote ...)
NOT-FOR-US: CyberLink LabelPrint
CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability i ...)
- {DLA-1785-1}
+ {DLA-2366-1 DLA-1785-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878524)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/720
@@ -12414,13 +12416,13 @@ CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerabi
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/90b301db18434b2c2228776d06c2898b5fed74f0
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9
CVE-2017-14625 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability i ...)
- {DLA-1785-1}
+ {DLA-2366-1 DLA-1785-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #877355)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/721
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9
CVE-2017-14624 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability i ...)
- {DLA-1785-1}
+ {DLA-2366-1 DLA-1785-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #877354)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/722
@@ -12650,7 +12652,7 @@ CVE-2017-14533 (ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f1f2089e79bcf5714cefba7cdc47049b4ac53c6b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bdfc5538051ad0d1c2083ba2a29180ff6abea907
CVE-2017-14532 (ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags i ...)
- {DLA-1785-1}
+ {DLA-2366-1 DLA-1785-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878541)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/719
@@ -12738,7 +12740,7 @@ CVE-2017-14507 (Multiple SQL injection vulnerabilities in the Content Timeline p
CVE-2017-14506 (geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstrated by ...)
NOT-FOR-US: geminabox
CVE-2017-14505 (DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 m ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878545)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/716
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ad5fc3c9b652eec27fc0b1a0817159f8547d5d9
@@ -13106,7 +13108,7 @@ CVE-2017-14402 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injec
CVE-2017-14401 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection v ...)
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-14400 (In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/c ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878546)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/746
NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/04b863f15effa4375e4ee42f413f0246062b48af
@@ -13230,7 +13232,7 @@ CVE-2017-14342 (ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in Rea
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e378ea8fb99e869768f34e900105e8c769adfcd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6d5b22baedd49ef8a35011789bd600762ce1ef21
CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #876105)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/654
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24
@@ -13484,7 +13486,7 @@ CVE-2017-14251 (Unrestricted File Upload vulnerability in the fileDenyPattern in
CVE-2017-14250 (In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with Fir ...)
NOT-FOR-US: TP-LINK Router
CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coder ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #876099)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/708
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2071d67ebf729f76d73c33c1152df4816d1d79ac
@@ -13696,23 +13698,23 @@ CVE-2017-14177 (Apport through 2.20.7 does not properly handle core dumps from s
CVE-2017-14181 (DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 ...)
NOT-FOR-US: aacplusenc
CVE-2017-14175 (In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() du ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875502)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/712
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b8c63b156bf26b52e710b1a0643c846a6cd01e56
CVE-2017-14174 (In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInte ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875503)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/714
NOTE: https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64
CVE-2017-14173 (In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10 ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875504)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/713
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/48bcf7c39302cdf9b0d9202ad03bf1b95152c44d
CVE-2017-14172 (In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875506)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/715
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8598a497e2d1f556a34458cf54b40ba40674734c
@@ -14132,7 +14134,7 @@ CVE-2017-14061 (Integer overflow in the _isBidi function in bidi.c in Libidn2 be
- libidn <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.com/libidn/libidn2/commit/16853b6973a1e72fee2b7cccda85472cb9951305
CVE-2017-14060 (In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present i ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878506)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/710
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c535e1f1a6b1faaa35e007df4fc535ec08daa97c
@@ -14812,7 +14814,7 @@ CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageM
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5a3897693a8b4e97add649c0ca1d538bd90f59c9
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/abb9d1322317733b799e8b87b2e346b3038f3260
CVE-2017-13768 (Null Pointer Dereference in the IdentifyImage function in MagickCore/i ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875352)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/706
NOTE: https://github.com/ImageMagick/ImageMagick/commit/152e510e2b7858efe5992ed95090d8e0049417f3
@@ -16369,7 +16371,7 @@ CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1b234b4fe2ec864b2d5af898a31c06c9736da904
NOTE: GraphicsMagick: http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05
CVE-2017-13133 (In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873100)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/679
NOTE: https://github.com/ImageMagick/ImageMagick/commit/19dbe11c5060f66abb393d1945107c5f54894fa8
@@ -16587,6 +16589,7 @@ CVE-2017-13062 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/669
CVE-2017-13061 (In ImageMagick 7.0.6-5, a length-validation vulnerability was found in ...)
+ {DLA-2366-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873131)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
@@ -17230,7 +17233,7 @@ CVE-2017-12876 (Heap-based buffer overflow in enhance.c in ImageMagick before 7.
NOTE: https://github.com/ImageMagick/ImageMagick/issues/663
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e
CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remot ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873871)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/659
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6f95e543c80319721e22d623bb23712cd29afa9e
@@ -17449,6 +17452,7 @@ CVE-2017-12808
CVE-2017-12807
REJECTED
CVE-2017-12806 (In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in ...)
+ {DLA-2366-1}
- imagemagick 8:6.9.9.34+dfsg-3
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/660
@@ -17765,19 +17769,19 @@ CVE-2017-1000099 (When asking to get a file from a file:// URL, libcurl provides
NOTE: https://curl.haxx.se/CVE-2017-1000099.patch
NOTE: Introduced by: https://github.com/curl/curl/commit/7c312f84ea930d8
CVE-2017-12693 (The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allow ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875341)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/652
NOTE: https://github.com/ImageMagick/ImageMagick/commit/75fcbf5d649bba046c6a0db650a518f7bfc0fb3f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6709bd585b9609a9cf98a7042089f3e725886d5e
CVE-2017-12692 (The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 all ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875339)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/653
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4a25fe5447bfb3a1918a2e9d595928e853b09d2e
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5919dc606bc1d6022d3d2d205a91fdbe98de9e15
CVE-2017-12691 (The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allow ...)
- {DLA-1785-1 DLA-1131-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875338)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/656
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f1ea048a3a34df293764502401d966aeacf9179d
@@ -17829,7 +17833,7 @@ CVE-2017-12675 (In ImageMagick 7.0.6-3, a missing check for multidimensional dat
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7a020acbcfea6e53eff6766c87ea175eac9dcd18
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e33a39a6a168cdd800fd160e8f93f0059432bdf7
CVE-2017-12674 (In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in th ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #872609)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/604
NOTE: https://github.com/ImageMagick/ImageMagick/commit/91651bd482b6637cf650700ffd7b3b63de1cb049
@@ -18232,7 +18236,7 @@ CVE-2017-12564 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ff3faa31166439d81b72de22daea2b6404569137
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a4779cfbee2e4235fa9f9f8f2e58dca17f7ccc6b
CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870530)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/599
NOTE: https://github.com/ImageMagick/ImageMagick/commit/82b53bd74df1489332e4043035a51b43f54d43f1
@@ -18576,7 +18580,7 @@ CVE-2017-12437
CVE-2017-12436
RESERVED
CVE-2017-12435 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870504)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/543
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2dd8d55742fce7d079b6a16039c18e49c091224f
@@ -18595,7 +18599,7 @@ CVE-2017-12432 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was fo
NOTE: https://github.com/ImageMagick/ImageMagick/commit/061de02095a56d438409c63f723f340b2d9d36c7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ded916c5da6febe9660c3cfa44c3114567adf74
CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
- {DLA-1081-1}
+ {DLA-2366-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/545
@@ -19379,7 +19383,7 @@ CVE-2017-12141 (In ytnef 1.9.2, a heap-based buffer overflow vulnerability was f
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/50
CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has a ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873059)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/533
NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd
@@ -20273,7 +20277,7 @@ CVE-2017-13139 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOn
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870109)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/22e0310345499ffe906c604428f2a3a668942b05
CVE-2017-12643 (ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJN ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870107)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/549
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eedb5660f1704cde8e8cd784c5c2a09dd2fd60f
@@ -20402,13 +20406,13 @@ CVE-2017-11724 (The ReadMATImage function in coders/mat.c in ImageMagick through
NOTE: https://github.com/ImageMagick/ImageMagick/issues/624
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5163756a1f829a561912dfdb74a0dae41d8ed8cf
CVE-2017-12670 (In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870020)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/610
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ab440f9ea11e0dbefb7a808cbb9441198758b0cb
NOTE: https://github.com/ImageMagick/ImageMagick/commit/75db34b6a4d642cb6f88c792942de27490c900e0
CVE-2017-13658 (In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missi ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870019)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/598
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89
@@ -20815,7 +20819,7 @@ CVE-2017-13144 (In ImageMagick before 6.9.7-10, there is a crash (rather than a
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b580ad0564aefd9beeccbcbb8d62ccd05795a84
CVE-2017-12430 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
- {DLA-1785-1 DLA-1081-1}
+ {DLA-2366-1 DLA-1785-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869727)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/546
NOTE: https://github.com/ImageMagick/ImageMagick/commit/98e5d0001cda195da0e8ea7650ab85c6f8333ff5

© 2014-2024 Faster IT GmbH | imprint | privacy policy