ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
References
Configurations
History
07 Nov 2023, 03:54
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
06 Apr 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Mar 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Feb 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Feb 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Feb 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Feb 2023, 19:20
Type | Values Removed | Values Added |
---|---|---|
First Time |
Imagemagick
Imagemagick imagemagick |
|
CPE | cpe:2.3:a:imagemagick:imagemagick:7.1.0-49:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo | |
References | (MISC) https://imagemagick.org/ - Product | |
References | (MISC) https://www.metabaseq.com/imagemagick-zero-days/ - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
06 Feb 2023, 21:39
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-06 21:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-44268
Mitre link : CVE-2022-44268
CVE.ORG link : CVE-2022-44268
JSON object : View
Products Affected
imagemagick
- imagemagick
CWE