CVE-2024-41817
ADVISORY - nistSummary
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH environment variables while executing, which might lead to arbitrary code execution by loading malicious configuration files or shared libraries in the current working directory while executing ImageMagick. The vulnerability is fixed in 7.11-36.
EPSS Score: 0.18593 (0.953)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Uncontrolled Search Path Element
ADVISORY - redhat
Uncontrolled Search Path Element
Docker
CREATED
UPDATED
ADVISORY ID
CVE-2024-41817
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
NIST
CREATED
UPDATED
ADVISORY IDCVE-2024-41817
EXPLOITABILITY SCORE
1
EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
7highAlpine
CREATED
UPDATED
ADVISORY IDCVE-2024-41817
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Debian
CREATED
UPDATED
ADVISORY IDCVE-2024-41817
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2024-41817
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
7.8mediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2024-41817
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
7.3mediumChainguard
CREATED
UPDATED
ADVISORY ID
CGA-4wh7-f8p9-ppwg
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Photon
CREATED
UPDATED
ADVISORY ID
CVE-2024-41817
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
7.8highintheWild
CREATED
UPDATED
ADVISORY IDCVE-2024-41817
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-