← Back

CVE-2019-13135

nvd nist
Published: Jul 1, 2019Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.

Affected (21)

Show all products
Imagemagick: Imagemagick · Debian: Debian Linux · Canonical: Ubuntu Linux · F5: Big Ip Application Acceleration Manager, Big Ip Webaccelerator
Imagemagick
1 product
Imagemagick
Debian
1 product
Debian Linux
Canonical
1 product
Ubuntu Linux
F5
2 products
Big Ip Application Acceleration Manager
Big Ip Webaccelerator
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Imagemagick
Imagemagick
Before 6.9.10-50
Imagemagick
From 7.0.0-0 to 7.0.8-50
Configuration B
3 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 8.0
Debian Linux
Version 9.0
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 16.04
Ubuntu Linux
Version 18.04
Ubuntu Linux
Version 19.04
Ubuntu Linux
Version 19.10
Configuration D
12 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Application Acceleration Manager
From 11.5.2 to 11.6.5.2
Big Ip Application Acceleration Manager
From 12.1.0 to 12.1.5.2
Big Ip Application Acceleration Manager
From 13.1.0 to 13.1.3.4
Big Ip Application Acceleration Manager
From 14.0.0 to 14.1.2.5
Big Ip Application Acceleration Manager
From 15.0.0 to 15.0.1.3
Big Ip Application Acceleration Manager
From 15.1.0 to 15.1.0.2
F5
Big Ip Webaccelerator
From 11.5.2 to 11.6.5.2
Big Ip Webaccelerator
From 12.1.0 to 12.1.5.2
Big Ip Webaccelerator
From 13.1.0 to 13.1.3.4
Big Ip Webaccelerator
From 14.0.0 to 14.1.2.5
Big Ip Webaccelerator
From 15.0.0 to 15.0.1.3
Big Ip Webaccelerator
From 15.1.0 to 15.1.0.2

Related CWEs

CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.

References (20)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.