ImageMagick (SUSE:Linux Enterprise Module for Development Tools 15 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Development Tools 15 SP4 package ImageMagick, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (14)
CVE-2022-32545 — CVSS 7.8 (high): A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c…
CVE-2023-34153 — CVSS 7.8 (high): A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or…
CVE-2022-32546 — CVSS 7.8 (high): A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c…
CVE-2022-32547 — CVSS 7.8 (high): In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires…
CVE-2022-44268 — CVSS 6.5 (medium): ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have…
CVE-2022-44267 — CVSS 6.5 (medium): ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left…
CVE-2023-1289 — CVSS 5.5 (medium): A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw…
CVE-2023-1906 — CVSS 5.5 (medium): A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An…
CVE-2023-34151 — CVSS 5.5 (medium): A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and…
CVE-2022-3213 — CVSS 5.5 (medium): A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined…
CVE-2023-34474 — CVSS 5.5 (medium): A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could…
CVE-2022-2719 — CVSS 5.5 (medium): In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a…