CVE-2021-20313 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-20313 PUBLISHED

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

EPSS 0.24% · 47.3th percentile

Risk Scores

EPSS Score

0.24%

47.3th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:20.04:LTS	imagemagick	0, 8:6.9.10.23+dfsg-2.1ubuntu11.4, 8:6.9.10.23+dfsg-2.1ubuntu11
Ubuntu:Pro:22.04:LTS	imagemagick	8:6.9.11.60+dfsg-1.3ubuntu0.22.04.1, 8:6.9.11.60+dfsg-1.3build2, 8:6.9.11.60+dfsg-1.3build1
Ubuntu:Pro:14.04:LTS	imagemagick	8:6.7.7.10-5ubuntu4, 8:6.7.7.10-6ubuntu1, 8:6.7.7.10-6ubuntu2
Ubuntu:Pro:16.04:LTS	imagemagick	, , *
Ubuntu:18.04:LTS	imagemagick	0, 8:6.9.7.4+dfsg-16ubuntu2, 8:6.9.7.4+dfsg-16ubuntu4

Timeline

Apr 7, 2021 CVE Published
May 12, 2021 EPSS Score
Jul 14, 2021 EPSS Score
Sep 13, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 14, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Mar 16, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Jul 17, 2022 EPSS Score
Sep 16, 2022 EPSS Score
Nov 17, 2022 EPSS Score

References

https://ubuntu.com/security/CVE-2021-20313 third-party-advisory
https://ubuntu.com/security/notices/USN-5158-1 vendor-advisory
https://ubuntu.com/security/notices/USN-5736-1 vendor-advisory
https://ubuntu.com/security/notices/USN-5736-2 vendor-advisory
https://ubuntu.com/security/notices/USN-6200-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2021-20313 third-party-advisory

Open in Interactive Console →