ImageMagick
Moderate fix2 remedies
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*
Moderate fix2 remedies
- < 7.1.2-26
- < 6.9.13-51
An information disclosure vulnerability exists in ImageMagick versions prior to 7.1.2-26 and 6.9.13-51. When the identify command is used to display a profile with non-printable values, a single byte can be read past the profile boundary. This issue arises with debug output enabled.
Exploitation of this vulnerability allows for out-of-bounds reading, potentially leading to information disclosure.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.