ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.
References
Configurations
History
07 Nov 2023, 03:54
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
11 Mar 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Feb 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Feb 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Feb 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Feb 2023, 19:13
Type | Values Removed | Values Added |
---|---|---|
First Time |
Imagemagick
Imagemagick imagemagick |
|
CWE | CWE-404 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
References | (MISC) https://imagemagick.org/ - Product | |
References | (MISC) https://www.metabaseq.com/imagemagick-zero-days/ - Exploit, Third Party Advisory | |
CPE | cpe:2.3:a:imagemagick:imagemagick:7.1.0-49:*:*:*:*:*:*:* |
06 Feb 2023, 21:39
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-06 21:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-44267
Mitre link : CVE-2022-44267
CVE.ORG link : CVE-2022-44267
JSON object : View
Products Affected
imagemagick
- imagemagick
CWE
CWE-404
Improper Resource Shutdown or Release