Your submission was sent successfully! Close

CVE-2017-13145

Published: 23 August 2017

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
artful Not vulnerable
(8:6.9.7.4+dfsg-16ubuntu2)
bionic Not vulnerable
(8:6.9.7.4+dfsg-16ubuntu2)
precise Does not exist

trusty Does not exist
(trusty was not-affected [code not present])
upstream
Released (8:6.9.7.4+dfsg-13)
xenial
Released (8:6.8.9.9-7ubuntu5.11)
zesty Ignored
(reached end-of-life)