← Back

CVE-2019-13296

nvd nist
Published: Jul 5, 2019Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.

Affected (3)

Imagemagick
1 product
Imagemagick
Opensuse
1 product
Leap
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Imagemagick
Version 7.0.8-50 q16
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Leap
Version 15.0
Leap
Version 15.1

Related CWEs

CWE-401
Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (6)

Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Patch
Source: cve@mitre.org
ExploitIssue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatchThird Party Advisory

Timeline

No history available yet.