vulnerability

Oracle Linux: CVE-2019-12976: ELSA-2020-1180: ImageMagick security, bug fix, and enhancement update (MODERATE)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jun 26, 2019
Added
Oct 5, 2022
Modified
Dec 3, 2025

Description

ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the ReadPCLImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash.
An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory.

Solutions

oracle-linux-upgrade-autotraceoracle-linux-upgrade-autotrace-develoracle-linux-upgrade-emacsoracle-linux-upgrade-emacs-commonoracle-linux-upgrade-emacs-eloracle-linux-upgrade-emacs-filesystemoracle-linux-upgrade-emacs-noxoracle-linux-upgrade-emacs-terminaloracle-linux-upgrade-imagemagickoracle-linux-upgrade-imagemagick-coracle-linux-upgrade-imagemagick-c-develoracle-linux-upgrade-imagemagick-develoracle-linux-upgrade-imagemagick-docoracle-linux-upgrade-imagemagick-perloracle-linux-upgrade-inkscapeoracle-linux-upgrade-inkscape-docsoracle-linux-upgrade-inkscape-view

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today