Your submission was sent successfully! Close

CVE-2017-14137

Published: 04 September 2017

ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
Upstream
Released (8:6.9.9.34+dfsg-3)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(code not built)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(code not built)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [code not built])
Patches:
Upstream: https://github.com/ImageMagick/ImageMagick/commit/cfc2bd4c87481d4cf60308cc6ffd3c61288ff004