CVE-2022-2719
Summary
| CVE | CVE-2022-2719 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-08-10 20:15:00 UTC |
|---|
| Updated | 2022-08-16 16:00:00 UTC |
|---|
| Description | In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 2116537 – (CVE-2022-2719) CVE-2022-2719 ImageMagick: Assertion Failure could lead to DoS due to attempted writing of NULL image list |
MISC |
bugzilla.redhat.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 283136 Fedora Security Update for ImageMagick (FEDORA-2022-0a0e4cb94a)
- 354413 Amazon Linux Security Advisory for ImageMagick : ALAS2022-2022-215
- 354586 Amazon Linux Security Advisory for ImageMagick : ALAS-2022-215
- 502537 Alpine Linux Security Update for imagemagick
- 502870 Alpine Linux Security Update for imagemagick
- 753205 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2022:3119-1)
- 753269 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2022:2998-1)
