Extra Packages For Enterprise Linux
CVE-2022-2719
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30.
AnalysisAI
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-617. In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30. Affected products include: Fedoraproject Extra Packages For Enterprise Linux, Imagemagick, Fedoraproject Fedora. Version information: version 7.1.0.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
A vulnerability was found in ImageMagick. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. Rated critical severity (C
A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. Rat
In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. Rated hi
A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. Rated h
A vulnerability was found in ImageMagick. Rated high severity (CVSS 7.8), this vulnerability is no authentication requir
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. Rated high severity
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Rated high severity (CVSS 7.5), this vulnerabilit
This affects the package celery before 5.2.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable
An issue was discovered in Pure-FTPd 1.0.49. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable,
A flaw was found in mbsync before v1.3.5 and v1.4.1. Rated high severity (CVSS 7.4), this vulnerability is remotely expl
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automatio
Same weakness CWE-617 – Reachable Assertion
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today