DEBIAN-CVE-2021-20311

DEBIAN-CVE-2021-20311 PUBLISHED CVSS 7.5 HIGH

A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	imagemagick	0, 0, 0
Debian:12	imagemagick	0, 0, 0
Debian:14	imagemagick	0, 0, 0
Debian:11	imagemagick	6.9.11.60+dfsg, 6.9.11.60+dfsg, 6.9.11.60+dfsg

Timeline

May 11, 2021 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2021-20311 advisory

Open in Interactive Console →