Your submission was sent successfully! Close

CVE-2021-20310

Published: 11 May 2021

A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
groovy Not vulnerable
(code not present)
precise Does not exist

trusty Does not exist

upstream
Released (7.0.11-2)
xenial Not vulnerable
(code not present)