14 lines
1.2 KiB
JSON
14 lines
1.2 KiB
JSON
{
|
||
"id": "openEuler-SA-2022-1903",
|
||
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1903",
|
||
"title": "An update for ImageMagick is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
||
"severity": "Moderate",
|
||
"description": "Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort,shear and transform images, adjust image colors, apply various special effects,or draw text, lines, polygons, ellipses and Bézier curves.\r\n\r\nSecurity Fix(es):\r\n\r\nA heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.(CVE-2022-1115)",
|
||
"cves": [
|
||
{
|
||
"id": "CVE-2022-1115",
|
||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1115",
|
||
"severity": "Moderate"
|
||
}
|
||
]
|
||
} |