Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-12672 (GCVE-0-2020-12672)
Vulnerability from cvelistv5
Published
2020-05-06 02:47
Modified
2024-08-04 12:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"name": "[debian-lts-announce] 20200607 [SECURITY] [DLA 2236-1] graphicsmagick security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"name": "openSUSE-SU-2020:0779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0788",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
},
{
"name": "GLSA-202209-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202209-19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-29T16:07:47",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"name": "[debian-lts-announce] 20200607 [SECURITY] [DLA 2236-1] graphicsmagick security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"name": "openSUSE-SU-2020:0779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0788",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
},
{
"name": "GLSA-202209-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202209-19"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"name": "[debian-lts-announce] 20200607 [SECURITY] [DLA 2236-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"name": "openSUSE-SU-2020:0779",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0788",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
},
{
"name": "GLSA-202209-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202209-19"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12672",
"datePublished": "2020-05-06T02:47:51",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-12672\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-05-06T03:15:11.230\",\"lastModified\":\"2024-11-21T05:00:02.497\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.\"},{\"lang\":\"es\",\"value\":\"GraphicsMagick versiones hasta 1.3.35, presenta un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n ReadMNGImage en el archivo coders/png.c.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.35\",\"matchCriteriaId\":\"BF6ADDFF-81B7-439D-B757-3B3AAF3AAA71\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"40513095-7E6E-46B3-B604-C926F1BA3568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202209-19\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202209-19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
wid-sec-w-2022-1571
Vulnerability from csaf_certbund
Published
2020-05-05 22:00
Modified
2023-03-27 22:00
Summary
GraphicsMagick: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
ImageMagick und GraphicsMagick sind Sammlungen von Programmbibliotheken und Werkzeugen, die Grafiken in zahlreichen Formaten verarbeiten können.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GraphicsMagick ausnutzen, um beliebigen Programmcode mit Benutzerrechten auszuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "ImageMagick und GraphicsMagick sind Sammlungen von Programmbibliotheken und Werkzeugen, die Grafiken in zahlreichen Formaten verarbeiten k\u00f6nnen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GraphicsMagick ausnutzen, um beliebigen Programmcode mit Benutzerrechten auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1571 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1571.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1571 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1571"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5974-1 vom 2023-03-27",
"url": "https://ubuntu.com/security/notices/USN-5974-1"
},
{
"category": "external",
"summary": "NIST Database vom 2020-05-05",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12672"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2236 vom 2020-06-07",
"url": "https://www.linuxsecurity.com/advisories/deblts/debian-lts-dla-2236-1-graphicsmagick-security-update-09-39-33?rss"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202209-19 vom 2022-09-29",
"url": "https://security.gentoo.org/glsa/202209-19"
}
],
"source_lang": "en-US",
"title": "GraphicsMagick: Schwachstelle erm\u00f6glicht Ausf\u00fchren von beliebigem Programmcode mit Benutzerrechten",
"tracking": {
"current_release_date": "2023-03-27T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:35:49.781+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1571",
"initial_release_date": "2020-05-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2020-05-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2020-06-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-09-29T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2023-03-27T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source GraphicsMagick \u003c= 1.3.35",
"product": {
"name": "Open Source GraphicsMagick \u003c= 1.3.35",
"product_id": "714838",
"product_identification_helper": {
"cpe": "cpe:/a:graphicsmagick:graphicsmagick:1.3.35"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12672",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in GraphicsMagick. Hierbei handelt es sich um einen Heap-basierten Puffer\u00fcberlauf in ReadMNGImage in coders/png.c. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um potentiell beliebigen Code mit den Privilegien des angemeldeten Nutzers zur Ausf\u00fchrung zu bringen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte Datei zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"T000126",
"T012167"
],
"last_affected": [
"714838"
]
},
"release_date": "2020-05-05T22:00:00.000+00:00",
"title": "CVE-2020-12672"
}
]
}
opensuse-su-2020:0779-1
Vulnerability from csaf_opensuse
Published
2020-06-07 22:17
Modified
2020-06-07 22:17
Summary
Security update for GraphicsMagick
Notes
Title of the patch
Security update for GraphicsMagick
Description of the patch
This update for GraphicsMagick fixes the following issues:
- CVE-2020-12672: heap-based buffer overflow in ReadMNGImage in coders/png.c. (boo#1171271)
Patchnames
openSUSE-2020-779
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for GraphicsMagick",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for GraphicsMagick fixes the following issues:\n\n- CVE-2020-12672: heap-based buffer overflow in ReadMNGImage in coders/png.c. (boo#1171271)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-779",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0779-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0779-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FSODH3CKHT2Z642XWUS6HGRXWRVWYZVC/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0779-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FSODH3CKHT2Z642XWUS6HGRXWRVWYZVC/"
},
{
"category": "self",
"summary": "SUSE Bug 1171271",
"url": "https://bugzilla.suse.com/1171271"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12672 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12672/"
}
],
"title": "Security update for GraphicsMagick",
"tracking": {
"current_release_date": "2020-06-07T22:17:14Z",
"generator": {
"date": "2020-06-07T22:17:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0779-1",
"initial_release_date": "2020-06-07T22:17:14Z",
"revision_history": [
{
"date": "2020-06-07T22:17:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"product_id": "GraphicsMagick-1.3.29-lp151.4.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64",
"product_id": "GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64",
"product_id": "libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64",
"product_id": "libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64",
"product_id": "libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64",
"product_id": "libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"product": {
"name": "perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"product_id": "perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:GraphicsMagick-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64"
},
"product_reference": "perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12672"
}
],
"notes": [
{
"category": "general",
"text": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12672",
"url": "https://www.suse.com/security/cve/CVE-2020-12672"
},
{
"category": "external",
"summary": "SUSE Bug 1171271 for CVE-2020-12672",
"url": "https://bugzilla.suse.com/1171271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:GraphicsMagick-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:GraphicsMagick-devel-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick++-Q16-12-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick++-devel-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick-Q16-3-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagick3-config-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1.x86_64",
"openSUSE Leap 15.1:perl-GraphicsMagick-1.3.29-lp151.4.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-07T22:17:14Z",
"details": "important"
}
],
"title": "CVE-2020-12672"
}
]
}
opensuse-su-2024:10596-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
GraphicsMagick-1.3.36-1.7 on GA media
Notes
Title of the patch
GraphicsMagick-1.3.36-1.7 on GA media
Description of the patch
These are all security issues fixed in the GraphicsMagick-1.3.36-1.7 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10596
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "GraphicsMagick-1.3.36-1.7 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the GraphicsMagick-1.3.36-1.7 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10596",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10596-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2006-3744 page",
"url": "https://www.suse.com/security/cve/CVE-2006-3744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2006-5456 page",
"url": "https://www.suse.com/security/cve/CVE-2006-5456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-1797 page",
"url": "https://www.suse.com/security/cve/CVE-2007-1797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-4985 page",
"url": "https://www.suse.com/security/cve/CVE-2007-4985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-4988 page",
"url": "https://www.suse.com/security/cve/CVE-2007-4988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1096 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1097 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7800 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7996 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7997 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9830 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10794 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10799 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10800 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6335 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6335/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8350 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12672 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12672/"
}
],
"title": "GraphicsMagick-1.3.36-1.7 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10596-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.36-1.7.aarch64",
"product": {
"name": "GraphicsMagick-1.3.36-1.7.aarch64",
"product_id": "GraphicsMagick-1.3.36-1.7.aarch64"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.36-1.7.aarch64",
"product": {
"name": "GraphicsMagick-devel-1.3.36-1.7.aarch64",
"product_id": "GraphicsMagick-devel-1.3.36-1.7.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"product_id": "libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"product": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"product_id": "libGraphicsMagick++-devel-1.3.36-1.7.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"product_id": "libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"product": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"product_id": "libGraphicsMagick3-config-1.3.36-1.7.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.36-1.7.aarch64",
"product": {
"name": "perl-GraphicsMagick-1.3.36-1.7.aarch64",
"product_id": "perl-GraphicsMagick-1.3.36-1.7.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.36-1.7.ppc64le",
"product": {
"name": "GraphicsMagick-1.3.36-1.7.ppc64le",
"product_id": "GraphicsMagick-1.3.36-1.7.ppc64le"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"product": {
"name": "GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"product_id": "GraphicsMagick-devel-1.3.36-1.7.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"product_id": "libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"product": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"product_id": "libGraphicsMagick++-devel-1.3.36-1.7.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"product_id": "libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"product": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"product_id": "libGraphicsMagick3-config-1.3.36-1.7.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"product": {
"name": "perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"product_id": "perl-GraphicsMagick-1.3.36-1.7.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.36-1.7.s390x",
"product": {
"name": "GraphicsMagick-1.3.36-1.7.s390x",
"product_id": "GraphicsMagick-1.3.36-1.7.s390x"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.36-1.7.s390x",
"product": {
"name": "GraphicsMagick-devel-1.3.36-1.7.s390x",
"product_id": "GraphicsMagick-devel-1.3.36-1.7.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"product_id": "libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"product": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"product_id": "libGraphicsMagick++-devel-1.3.36-1.7.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"product_id": "libGraphicsMagick-Q16-3-1.3.36-1.7.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.36-1.7.s390x",
"product": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.s390x",
"product_id": "libGraphicsMagick3-config-1.3.36-1.7.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.36-1.7.s390x",
"product": {
"name": "perl-GraphicsMagick-1.3.36-1.7.s390x",
"product_id": "perl-GraphicsMagick-1.3.36-1.7.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.36-1.7.x86_64",
"product": {
"name": "GraphicsMagick-1.3.36-1.7.x86_64",
"product_id": "GraphicsMagick-1.3.36-1.7.x86_64"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.36-1.7.x86_64",
"product": {
"name": "GraphicsMagick-devel-1.3.36-1.7.x86_64",
"product_id": "GraphicsMagick-devel-1.3.36-1.7.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"product_id": "libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"product": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"product_id": "libGraphicsMagick++-devel-1.3.36-1.7.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"product_id": "libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"product": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"product_id": "libGraphicsMagick3-config-1.3.36-1.7.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.36-1.7.x86_64",
"product": {
"name": "perl-GraphicsMagick-1.3.36-1.7.x86_64",
"product_id": "perl-GraphicsMagick-1.3.36-1.7.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64"
},
"product_reference": "GraphicsMagick-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le"
},
"product_reference": "GraphicsMagick-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x"
},
"product_reference": "GraphicsMagick-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64"
},
"product_reference": "GraphicsMagick-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64"
},
"product_reference": "GraphicsMagick-devel-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le"
},
"product_reference": "GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x"
},
"product_reference": "GraphicsMagick-devel-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64"
},
"product_reference": "GraphicsMagick-devel-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64"
},
"product_reference": "libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le"
},
"product_reference": "libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x"
},
"product_reference": "libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64"
},
"product_reference": "libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64"
},
"product_reference": "libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le"
},
"product_reference": "libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x"
},
"product_reference": "libGraphicsMagick3-config-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64"
},
"product_reference": "libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.36-1.7.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64"
},
"product_reference": "perl-GraphicsMagick-1.3.36-1.7.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.36-1.7.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le"
},
"product_reference": "perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.36-1.7.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x"
},
"product_reference": "perl-GraphicsMagick-1.3.36-1.7.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.36-1.7.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
},
"product_reference": "perl-GraphicsMagick-1.3.36-1.7.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-3744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2006-3744"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2006-3744",
"url": "https://www.suse.com/security/cve/CVE-2006-3744"
},
{
"category": "external",
"summary": "SUSE Bug 198648 for CVE-2006-3744",
"url": "https://bugzilla.suse.com/198648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2006-3744"
},
{
"cve": "CVE-2006-5456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2006-5456"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2006-5456",
"url": "https://www.suse.com/security/cve/CVE-2006-5456"
},
{
"category": "external",
"summary": "SUSE Bug 215685 for CVE-2006-5456",
"url": "https://bugzilla.suse.com/215685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2006-5456"
},
{
"cve": "CVE-2007-1797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-1797"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-1797",
"url": "https://www.suse.com/security/cve/CVE-2007-1797"
},
{
"category": "external",
"summary": "SUSE Bug 258253 for CVE-2007-1797",
"url": "https://bugzilla.suse.com/258253"
},
{
"category": "external",
"summary": "SUSE Bug 279866 for CVE-2007-1797",
"url": "https://bugzilla.suse.com/279866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2007-1797"
},
{
"cve": "CVE-2007-4985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-4985"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-4985",
"url": "https://www.suse.com/security/cve/CVE-2007-4985"
},
{
"category": "external",
"summary": "SUSE Bug 327021 for CVE-2007-4985",
"url": "https://bugzilla.suse.com/327021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2007-4985"
},
{
"cve": "CVE-2007-4988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-4988"
}
],
"notes": [
{
"category": "general",
"text": "Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-4988",
"url": "https://www.suse.com/security/cve/CVE-2007-4988"
},
{
"category": "external",
"summary": "SUSE Bug 327021 for CVE-2007-4988",
"url": "https://bugzilla.suse.com/327021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2007-4988"
},
{
"cve": "CVE-2008-1096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1096"
}
],
"notes": [
{
"category": "general",
"text": "The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1096",
"url": "https://www.suse.com/security/cve/CVE-2008-1096"
},
{
"category": "external",
"summary": "SUSE Bug 391364 for CVE-2008-1096",
"url": "https://bugzilla.suse.com/391364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2008-1096"
},
{
"cve": "CVE-2008-1097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1097"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1097",
"url": "https://www.suse.com/security/cve/CVE-2008-1097"
},
{
"category": "external",
"summary": "SUSE Bug 391366 for CVE-2008-1097",
"url": "https://bugzilla.suse.com/391366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2008-1097"
},
{
"cve": "CVE-2016-7800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7800"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7800",
"url": "https://www.suse.com/security/cve/CVE-2016-7800"
},
{
"category": "external",
"summary": "SUSE Bug 1002422 for CVE-2016-7800",
"url": "https://bugzilla.suse.com/1002422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7800"
},
{
"cve": "CVE-2016-7996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7996"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7996",
"url": "https://www.suse.com/security/cve/CVE-2016-7996"
},
{
"category": "external",
"summary": "SUSE Bug 1003629 for CVE-2016-7996",
"url": "https://bugzilla.suse.com/1003629"
},
{
"category": "external",
"summary": "SUSE Bug 1067184 for CVE-2016-7996",
"url": "https://bugzilla.suse.com/1067184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7996"
},
{
"cve": "CVE-2016-7997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7997"
}
],
"notes": [
{
"category": "general",
"text": "The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7997",
"url": "https://www.suse.com/security/cve/CVE-2016-7997"
},
{
"category": "external",
"summary": "SUSE Bug 1003629 for CVE-2016-7997",
"url": "https://bugzilla.suse.com/1003629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-7997"
},
{
"cve": "CVE-2016-9830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9830"
}
],
"notes": [
{
"category": "general",
"text": "The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9830",
"url": "https://www.suse.com/security/cve/CVE-2016-9830"
},
{
"category": "external",
"summary": "SUSE Bug 1013640 for CVE-2016-9830",
"url": "https://bugzilla.suse.com/1013640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9830"
},
{
"cve": "CVE-2017-10794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10794"
}
],
"notes": [
{
"category": "general",
"text": "When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10794",
"url": "https://www.suse.com/security/cve/CVE-2017-10794"
},
{
"category": "external",
"summary": "SUSE Bug 1112392 for CVE-2017-10794",
"url": "https://bugzilla.suse.com/1112392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-10794"
},
{
"cve": "CVE-2017-10799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10799"
}
],
"notes": [
{
"category": "general",
"text": "When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10799",
"url": "https://www.suse.com/security/cve/CVE-2017-10799"
},
{
"category": "external",
"summary": "SUSE Bug 1047054 for CVE-2017-10799",
"url": "https://bugzilla.suse.com/1047054"
},
{
"category": "external",
"summary": "SUSE Bug 1050116 for CVE-2017-10799",
"url": "https://bugzilla.suse.com/1050116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-10799"
},
{
"cve": "CVE-2017-10800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10800"
}
],
"notes": [
{
"category": "general",
"text": "When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10800",
"url": "https://www.suse.com/security/cve/CVE-2017-10800"
},
{
"category": "external",
"summary": "SUSE Bug 1047044 for CVE-2017-10800",
"url": "https://bugzilla.suse.com/1047044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-10800"
},
{
"cve": "CVE-2017-6335",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6335"
}
],
"notes": [
{
"category": "general",
"text": "The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6335",
"url": "https://www.suse.com/security/cve/CVE-2017-6335"
},
{
"category": "external",
"summary": "SUSE Bug 1027255 for CVE-2017-6335",
"url": "https://bugzilla.suse.com/1027255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-6335"
},
{
"cve": "CVE-2017-8350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8350"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8350",
"url": "https://www.suse.com/security/cve/CVE-2017-8350"
},
{
"category": "external",
"summary": "SUSE Bug 1036985 for CVE-2017-8350",
"url": "https://bugzilla.suse.com/1036985"
},
{
"category": "external",
"summary": "SUSE Bug 1053919 for CVE-2017-8350",
"url": "https://bugzilla.suse.com/1053919"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2017-8350",
"url": "https://bugzilla.suse.com/1126909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-8350"
},
{
"cve": "CVE-2020-12672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12672"
}
],
"notes": [
{
"category": "general",
"text": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12672",
"url": "https://www.suse.com/security/cve/CVE-2020-12672"
},
{
"category": "external",
"summary": "SUSE Bug 1171271 for CVE-2020-12672",
"url": "https://bugzilla.suse.com/1171271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.36-1.7.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.36-1.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-12672"
}
]
}
opensuse-su-2020:0788-1
Vulnerability from csaf_opensuse
Published
2020-06-10 12:58
Modified
2020-06-10 12:58
Summary
Security update for GraphicsMagick
Notes
Title of the patch
Security update for GraphicsMagick
Description of the patch
This update for GraphicsMagick fixes the following issues:
- CVE-2020-12672: heap-based buffer overflow in ReadMNGImage in coders/png.c. (boo#1171271)
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patchnames
openSUSE-2020-788
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for GraphicsMagick",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for GraphicsMagick fixes the following issues:\n\n- CVE-2020-12672: heap-based buffer overflow in ReadMNGImage in coders/png.c. (boo#1171271)\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-788",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0788-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0788-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3KARJQKVYQRAHBLAZIRNUKHIGHET67FR/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0788-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3KARJQKVYQRAHBLAZIRNUKHIGHET67FR/"
},
{
"category": "self",
"summary": "SUSE Bug 1171271",
"url": "https://bugzilla.suse.com/1171271"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12672 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12672/"
}
],
"title": "Security update for GraphicsMagick",
"tracking": {
"current_release_date": "2020-06-10T12:58:47Z",
"generator": {
"date": "2020-06-10T12:58:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0788-1",
"initial_release_date": "2020-06-10T12:58:47Z",
"revision_history": [
{
"date": "2020-06-10T12:58:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"product_id": "GraphicsMagick-1.3.29-bp151.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64",
"product_id": "GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64",
"product_id": "libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64",
"product_id": "libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64",
"product_id": "libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64",
"product_id": "libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"product": {
"name": "perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"product_id": "perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP1",
"product": {
"name": "SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:GraphicsMagick-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64"
},
"product_reference": "perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12672"
}
],
"notes": [
{
"category": "general",
"text": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12672",
"url": "https://www.suse.com/security/cve/CVE-2020-12672"
},
{
"category": "external",
"summary": "SUSE Bug 1171271 for CVE-2020-12672",
"url": "https://bugzilla.suse.com/1171271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:GraphicsMagick-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:GraphicsMagick-devel-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick++-Q16-12-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick++-devel-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick-Q16-3-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagick3-config-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:libGraphicsMagickWand-Q16-2-1.3.29-bp151.5.15.1.x86_64",
"SUSE Package Hub 15 SP1:perl-GraphicsMagick-1.3.29-bp151.5.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-10T12:58:47Z",
"details": "important"
}
],
"title": "CVE-2020-12672"
}
]
}
gsd-2020-12672
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-12672",
"description": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.",
"id": "GSD-2020-12672",
"references": [
"https://www.suse.com/security/cve/CVE-2020-12672.html",
"https://advisories.mageia.org/CVE-2020-12672.html",
"https://ubuntu.com/security/CVE-2020-12672"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-12672"
],
"details": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.",
"id": "GSD-2020-12672",
"modified": "2023-12-13T01:21:49.102406Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"name": "[debian-lts-announce] 20200607 [SECURITY] [DLA 2236-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"name": "openSUSE-SU-2020:0779",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0788",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
},
{
"name": "GLSA-202209-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202209-19"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12672"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"name": "[debian-lts-announce] 20200607 [SECURITY] [DLA 2236-1] graphicsmagick security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"name": "openSUSE-SU-2020:0779",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0788",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
},
{
"name": "GLSA-202209-19",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202209-19"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-11-14T18:49Z",
"publishedDate": "2020-05-06T03:15Z"
}
}
}
fkie_cve-2020-12672
Vulnerability from fkie_nvd
Published
2020-05-06 03:15
Modified
2024-11-21 05:00
Severity ?
Summary
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202209-19 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202209-19 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| graphicsmagick | graphicsmagick | * | |
| debian | debian_linux | 8.0 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6ADDFF-81B7-439D-B757-3B3AAF3AAA71",
"versionEndIncluding": "1.3.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c."
},
{
"lang": "es",
"value": "GraphicsMagick versiones hasta 1.3.35, presenta un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n ReadMNGImage en el archivo coders/png.c."
}
],
"id": "CVE-2020-12672",
"lastModified": "2024-11-21T05:00:02.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-06T03:15:11.230",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202209-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202209-19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-cg2w-mf57-v7rg
Vulnerability from github
Published
2022-05-24 17:17
Modified
2022-09-30 00:00
Severity ?
VLAI Severity ?
Details
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
{
"affected": [],
"aliases": [
"CVE-2020-12672"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-05-06T03:15:00Z",
"severity": "MODERATE"
},
"details": "GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.",
"id": "GHSA-cg2w-mf57-v7rg",
"modified": "2022-09-30T00:00:33Z",
"published": "2022-05-24T17:17:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12672"
},
{
"type": "WEB",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202209-19"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…