CVE-2017-18209

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-18209
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18209.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-18209
Related
Published
2018-03-01T21:29:00Z
Modified
2024-08-01T08:34:36.928563Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

References

Affected packages

Debian:11 / imagemagick

Package

Name
imagemagick
Purl
pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.9.34+dfsg-3

Ecosystem specific 

{
    "urgency": "low"
}

Debian:12 / imagemagick

Package

Name
imagemagick
Purl
pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.9.34+dfsg-3

Ecosystem specific 

{
    "urgency": "low"
}

Debian:13 / imagemagick

Package

Name
imagemagick
Purl
pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.9.34+dfsg-3

Ecosystem specific 

{
    "urgency": "low"
}

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
009e5556dac88bcbb1aef80907747793299c30a6
Last affected
2460488112c34711473f50e16566494155d8e6ef
Last affected
27f8ba82ddd665ab41cef6588128f680cbd69905
Last affected
2884ed8a622c4b5678d1083fcaf0530ea3d58c7a
Last affected
311157f0b67f4ccc85b3219f49db4f6d5277bd8e
Last affected
315d854ad367b89f0e62b107fb9a9dda1a7659a0
Last affected
3278fc22854db6236bcac95c963f0460b247a778
Last affected
652508e718a196c629fd97e465239d1ae52b2f23
Last affected
78684928670347f8229905d3487f3208e3ebe289
Last affected
7be0c046e2cfa5d1c97c4185137697b4617c882c
Last affected
8910f12f08e614a150fd8d717df5170c8c9e8a4b
Last affected
908258552716d029a6119c34de2350344720d405
Last affected
93b85201f22d0fb0b03f3f3e0d82c96c2bc103d1
Last affected
aba94de64e1423b5a3daa6178b04e6d22c839faf
Last affected
b11a66975b900b3eb524360588edb15506290004
Last affected
b601ab2f2e355350b14ca72753684cbeeef7ffcf
Last affected
b964b20847be9015699bdb59b6431cf1101806ad
Last affected
c9d4c4ecd1f7fb5168e512a0ba183b4bf8b47ce3
Last affected
ccc3afcfc93d5b421893d1da1cdae29908fc8dd1
Last affected
d0c7deb7a2a4801ebfd589b33744294116f8873c
Last affected
dcd5a5fed62ec861b955bd3da1d6f5592486c05a
Last affected
ddbf0ed10323d0fb329189041190630a8f7af5a7
Last affected
e017264a99f7621a5a7556454a2a6db43f8a45c3
Last affected
e12602b39b5e778240d286b6f9bbbc0fe3fb26c5
Last affected
f39bfc52683755b50c83f3be693982a3bdb250fe
Last affected
fcebe0ec85a9f532a6108efc08f0fad1a6df83f0

Affected versions

7.*

7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
7.0.3-10
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5
7.0.3-6
7.0.3-7
7.0.3-8
7.0.3-9
7.0.4-0
7.0.4-1
7.0.4-10
7.0.4-2
7.0.4-3
7.0.4-4
7.0.4-5
7.0.4-6
7.0.4-7
7.0.4-8
7.0.4-9
7.0.5-0
7.0.5-1
7.0.5-10
7.0.5-2
7.0.5-3
7.0.5-4
7.0.5-5
7.0.5-6
7.0.5-7
7.0.5-8
7.0.5-9
7.0.6-0
7.0.6-1
7.0.6-2
7.0.6-3
7.0.6-4
7.0.6-5
7.0.6-6
7.0.6-7
7.0.6-8
7.0.6-9
7.0.7-0
7.0.7-1
7.0.7-10
7.0.7-11
7.0.7-12
7.0.7-13
7.0.7-14
7.0.7-15
7.0.7-16
7.0.7-17
7.0.7-18
7.0.7-19
7.0.7-2
7.0.7-20
7.0.7-21
7.0.7-22
7.0.7-23
7.0.7-24
7.0.7-25
7.0.7-3
7.0.7-4
7.0.7-5
7.0.7-6
7.0.7-8
7.0.7-9
7.0.7.7