Vulnerability CVE-2022-44268: Information
Description
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
ImageMagick | sisyphus | 6.9.12.93-alt1 | 7.1.1.31-alt1 | ALT-PU-2023-4997-2 | 327301 | Fixed |
ImageMagick | sisyphus_e2k | 6.9.12.93-alt1 | 7.1.1.31-alt1 | ALT-PU-2023-5010-1 | - | Fixed |
ImageMagick | sisyphus_riscv64 | 6.9.12.93-alt1 | 7.1.1.31-alt1 | ALT-PU-2023-5026-1 | - | Fixed |
ImageMagick | p10 | 6.9.12.93-alt1 | 6.9.13.9-alt1 | ALT-PU-2023-4999-3 | 327302 | Fixed |
ImageMagick | p10_e2k | 6.9.12.93-alt1 | 6.9.12.93-alt1 | ALT-PU-2023-5416-1 | - | Fixed |
ImageMagick | c10f1 | 6.9.12.93-alt1 | 6.9.12.93-alt1 | ALT-PU-2023-4998-3 | 327304 | Fixed |
ImageMagick | c9f2 | 6.9.12.93-alt1 | 6.9.12.93-alt1 | ALT-PU-2024-2243-2 | 340468 | Fixed |