VDB

GCVE-VVD-MAGEIA-2019-142

GCVE-VVD-MAGEIA-2019-142
Advisory Published
Vulnetix · Advisory published September 27, 2019
In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file. (CVE-2019-10649) In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. (CVE-2019-10650)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaimagemagick0 (affected), 6.9.10.36-1.mga6 (unaffected), 0 (affected), 6.9.10.36-1.mga6 (unaffected)
Mageiagcc0 (affected), 8.3.1-0.20190920.1.mga7 (unaffected)

Aliases

CVE-2019-10649

Transitive aliases

GSD-2019-10649WID-SEC-W-2023-2143EUVD-2019-2449GHSA-x7gh-h4gm-34v3BDU:2020-01539CNVD-2019-14102

References

Updated imagemagick packages fix security vulnerability
advisory
Updated imagemagick packages fix security vulnerability
issue
Updated imagemagick packages fix security vulnerability
issue
Updated gcc packages fix various bugs and compiler crashes
advisory
Updated gcc packages fix various bugs and compiler crashes
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›