CVE-2021-20311

ADVISORY - nist

Summary

A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

EPSS Score⁠: 0.00087 (0.377)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-369⁠

Divide By Zero

ADVISORY - redhat

CWE-369⁠

Divide By Zero

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.