FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3e0ca488-b3f6-11eb-a5f7-a0f3c100ae18ImageMagick6 -- multiple vulnerabilities

CVE reports:

Several vulnerabilities have been discovered in ImageMagick:

  • CVE-2021-20309: A flaw was found in ImageMagick in versions before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick.
  • CVE-2021-20176: A divide-by-zero flaw was found in ImageMagick 6.9.11-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero.
  • CVE-2020-29599: ImageMagick before 6.9.11-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files.
  • And maybe some others…

Discovery 2020-12-17
Entry 2021-05-13
ImageMagick6
ImageMagick6-nox11
lt 6.9.12.12,1

CVE-2020-29599
CVE-2021-20176
CVE-2021-20309