Your submission was sent successfully! Close

CVE-2017-13737

Published: 29 August 2017

There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

From the Ubuntu security team

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
graphicsmagick
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(1.3.26-15)
cosmic Not vulnerable
(1.3.26-15)
disco Not vulnerable
(1.3.26-15)
eoan Not vulnerable
(1.3.26-15)
focal Not vulnerable
(1.3.26-15)
groovy Not vulnerable
(1.3.26-15)
hirsute Not vulnerable
(1.3.26-15)
impish Not vulnerable
(1.3.26-15)
jammy Not vulnerable
(1.3.26-15)
precise Does not exist

trusty Needed

upstream Needs triage

xenial
Released (1.3.23-1ubuntu0.3)
zesty Ignored
(reached end-of-life)