CVE-2021-20311

ADVISORY - nist

Summary

A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

EPSS Score⁠: 0.00087 (0.377)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-369⁠

Divide By Zero

ADVISORY - redhat

CWE-369⁠

Divide By Zero

Impacted images

Advisories

NIST

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDCVE-2021-20311⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-369⁠

CVSS SCORE

7.5high

Alpine

CREATED

3 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2021-20311⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

3 years ago

UPDATED

2 months ago

ADVISORY IDCVE-2021-20311⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

3 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2021-20311⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Red Hat

CREATED

4 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2021-20311⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-369⁠

CVSS SCORE

5.3low

SUSE

CREATED

3 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2021-20311⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.3medium