« List of all CVEs

CVE-2022-1115

Published: 8/29/2022 Last updated: 8/2/2024 Reserved: 3/28/2022

A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (2)

conf-libMagickCore ocsigen-start

Products affected (1)

Product Vendor Version
ImageMagick n/a < 525bdcb0838d19d918c7786151ee14661967a030

References (10)