CVE-2021-20312
Summary
| CVE | CVE-2021-20312 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-05-11 23:15:00 UTC |
|---|
| Updated | 2023-05-22 02:15:00 UTC |
|---|
| Description | A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 1946742 – (CVE-2021-20312) CVE-2021-20312 ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
MISC |
bugzilla.redhat.com |
|
| [SECURITY] [DLA 3429-1] imagemagick security update |
MLIST |
lists.debian.org |
|
| [SECURITY] [DLA 2672-1] imagemagick security update |
MLIST |
lists.debian.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 174933 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2021:1277-1)
- 174936 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2021:1276-1)
- 178654 Debian Security Update for imagemagick (DLA 2672-1)
- 181795 Debian Security Update for imagemagick (DLA 3429-1)
- 184271 Debian Security Update for imagemagick (CVE-2021-20312)
- 198584 Ubuntu Security Notification for ImageMagick Vulnerabilities (USN-5158-1)
- 199045 Ubuntu Security Notification for ImageMagick Vulnerabilities (USN-5736-1)
- 199524 Ubuntu Security Notification for ImageMagick Vulnerabilities (USN-6200-1)
- 501583 Alpine Linux Security Update for imagemagick
- 501868 Alpine Linux Security Update for imagemagick
- 670541 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2299)
- 670576 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2334)
- 670627 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2385)
- 670861 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2334)
- 690139 Free Berkeley Software Distribution (FreeBSD) Security Update for imagemagick7 (a7c60af1-b3f1-11eb-a5f7-a0f3c100ae18)
- 750249 OpenSUSE Security Update for ImageMagick (openSUSE-SU-2021:0606-1)
