The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.
Missing Release of Resource after Effective Lifetime
Missing Release of Memory after Effective Lifetime
-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| debian/imagemagick | deb | debian | 12 | >=8:6.9.11.60+dfsg-1.6 | Not yet available |
| debian/imagemagick | deb | debian | 11 | >=8:6.9.11.60+dfsg-1.3+deb11u2 | Not yet available |
| debian/imagemagick | deb | debian | 13 | >=8:6.9.12.98+dfsg1-5.2 | Not yet available |
| debian/imagemagick | deb | debian | unstable | >=8:6.9.12.98+dfsg1-5.2 | Not yet available |
| debian/imagemagick | deb | debian | 10 | >=8:6.9.10.23+dfsg-2.1+deb10u1 | Not yet available |
Severity and metrics
No CVSS data available from this source.
2.8
2.8
1.8