Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a negative impact to application availability or other problems related to undefined behavior, in cases where ImageMagick processes untrusted input data. The upstream patch introduces functionality to constrain the pixel offsets and prevent these issues. This flaw affects ImageMagick versions prior to 7.0.9-0.
CVSS Information
N/A
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
ImageMagick Studio ImageMagick和Sanitize 输入验证错误漏洞
Vulnerability Description
Imagemagick Studio ImageMagick是美国Imagemagick Studio公司的一套开源的图像处理软件。该软件可读取、转换或写入多种格式的图片。Sanitize是美国Ryan Grove个人开发者的一款HTML和CSS清理器,它支持从字符串中删除HTML和CSS等。 ImageMagick 7.0.9-0之前版本存在安全漏洞,该漏洞源于MagickCore变换的CropImage()和CropImageToTiles()例程中。如UndefinedBehaviorSanitiz
CVSS Information
N/A
Vulnerability Type
N/A