VDB
CVE-2021-20242
CVE-2021-20242
PUBLISHED
In ImageMagick existieren mehrere Schwachstellen, welche auf mehrere "Teilen-durch-Null-Fehler" in verschiedenen Komponenten zurückzuführen sind. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen oder weitere, unbekannte Auswirkungen zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion (z.B. Öffnen einer speziell gestalteten Bilddatei) erforderlich.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Ubuntu Linux | |
| Open Source | Open Source ImageMagick <7.0.10-62 | |
| Debian | Debian Linux | |
| SUSE | SUSE Linux | |
| Amazon | Amazon Linux 2 |
Timeline
- Feb 15, 2021 CVE Published
- Dec 16, 2024 CVE Updated
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Security Advisory
- Mar 17, 2026 Security Advisory
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-1573.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1573 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1928941 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1928943 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1928952 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1928957 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1928958 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1928959 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-February/008371.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-February/008374.html advisory
- https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html advisory
- https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html advisory
- https://ubuntu.com/security/notices/USN-4988-1 advisory
- https://ubuntu.com/security/notices/USN-5158-1 advisory
- https://ubuntu.com/security/notices/USN-5335-1 advisory
- https://alas.aws.amazon.com/AL2022/ALAS-2022-141.html advisory
- https://alas.aws.amazon.com/AL2022/ALAS-2022-164.html advisory
- https://ubuntu.com/security/notices/USN-5736-1 advisory
- https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html advisory
…and 5 more