Skip to main content

Imagick

1 CVEs product

Monthly

CVE-2019-11037 CRITICAL Act Now

In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Buffer Overflow Memory Corruption Imagick
NVD GitHub
CVSS 3.0
9.8
EPSS
2.0%
EPSS 2% CVSS 9.8
CRITICAL Act Now

In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Buffer Overflow Memory Corruption +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy