返回 CVE 瀏覽器

CVE-2017-14138

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile32.90th

Published2017年9月4日

Last Modified2026年5月13日

Vulnerability Description

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.

Affected Platforms (CPE)

📦

Imagemagick

Imagemagick

= 7.0.6-5

References & Advisories

🔗 https://github.com/ImageMagick/ImageMagick/issues/639

🔗 https://security.gentoo.org/glsa/201711-07

🔗 https://github.com/ImageMagick/ImageMagick/issues/639

🔗 https://security.gentoo.org/glsa/201711-07

相關漏洞威脅

CVE-2004-098110.0

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a ce...

CVE-2017-146249.8

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.

CVE-2017-131399.8

In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with ...

CVE-2017-145329.8

ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.