VDB

GCVE-110-MAGEIA-2024-64

GCVE-110-MAGEIA-2024-64
Advisory Published
Vulnetix · Advisory published March 15, 2024
The updated packages fix security vulnerabilities: A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault. (CVE-2021-3610) A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service. (CVE-2023-3195) A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service. (CVE-2023-3428) This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). (CVE-2023-34151)

Affected Products

VendorProductVersionsPlatforms
Mageiaimagemagick0 (affected), 0 (affected), 7.1.1.29-1.mga9.tainted (unaffected), 0 (affected), 7.1.1.29-1.mga9 (unaffected), 0 (affected), 7.1.1.29-1.mga9.tainted (unaffected), 7.1.1.29-1.mga9 (unaffected)
Mageiahaproxy0 (affected), 2.8.6-1.mga9 (unaffected)

Browse GCVE Records

73,685 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›