CVE-2021-20309
Summary
| CVE | CVE-2021-20309 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-05-11 23:15:00 UTC |
|---|
| Updated | 2023-05-22 02:15:00 UTC |
|---|
| Description | A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] [DLA 3429-1] imagemagick security update |
MLIST |
lists.debian.org |
|
| [SECURITY] [DLA 2672-1] imagemagick security update |
MLIST |
lists.debian.org |
|
| 1946722 – (CVE-2021-20309) CVE-2021-20309 ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
MISC |
bugzilla.redhat.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 174933 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2021:1277-1)
- 174936 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2021:1276-1)
- 178654 Debian Security Update for imagemagick (DLA 2672-1)
- 181795 Debian Security Update for imagemagick (DLA 3429-1)
- 182663 Debian Security Update for imagemagick (CVE-2021-20309)
- 198584 Ubuntu Security Notification for ImageMagick Vulnerabilities (USN-5158-1)
- 199045 Ubuntu Security Notification for ImageMagick Vulnerabilities (USN-5736-1)
- 199524 Ubuntu Security Notification for ImageMagick Vulnerabilities (USN-6200-1)
- 354324 Amazon Linux Security Advisory for ImageMagick : ALAS2022-2022-164
- 354383 Amazon Linux Security Advisory for ImageMagick : ALAS2022-2022-141
- 501583 Alpine Linux Security Update for imagemagick
- 501868 Alpine Linux Security Update for imagemagick
- 502307 Alpine Linux Security Update for imagemagick6
- 670541 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2299)
- 670576 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2334)
- 670627 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2385)
- 670861 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2334)
- 690137 Free Berkeley Software Distribution (FreeBSD) Security Update for imagemagick6 (3e0ca488-b3f6-11eb-a5f7-a0f3c100ae18)
- 690139 Free Berkeley Software Distribution (FreeBSD) Security Update for imagemagick7 (a7c60af1-b3f1-11eb-a5f7-a0f3c100ae18)
- 750249 OpenSUSE Security Update for ImageMagick (openSUSE-SU-2021:0606-1)
