VDB

CVE-2019-11506

CVE-2019-11506 PUBLISHED

In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.

EPSS 1.49% · 81.4th percentile

Risk Scores

EPSS Score
1.49%
81.4th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSgraphicsmagick0, 1.3.27-3, 1.3.28-2
Ubuntu:Pro:14.04:LTSgraphicsmagick1.3.18-1ubuntu3.1+esm2, 0, 1.3.16-1.1ubuntu2
Ubuntu:Pro:16.04:LTSgraphicsmagick1.3.23-1ubuntu0.2, 1.3.23-1ubuntu0.4, 1.3.21-3

Timeline

  • Apr 24, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›