« List of all CVEs

CVE-2021-20224

Published: 8/25/2022 Last updated: 8/3/2024 Reserved: 12/17/2020

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (2)

conf-libMagickCore ocsigen-start

Products affected (1)

Product Vendor Version
ImageMagick n/a < 10.0.14393.6897

References (8)