UBUNTU-CVE-2020-27752

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-27752

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-27752.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-27752

Upstream

CVE-2020-27752

Published

2020-12-08T22:15:00Z

Modified

2025-07-18T16:46:10Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.

References

Affected packages

Ubuntu:Pro:14.04:LTS / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/ubuntu/imagemagick@8:6.7.7.10-6ubuntu3.13+esm12?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

8:6.*

8:6.7.7.10-5ubuntu3

8:6.7.7.10-5ubuntu4

8:6.7.7.10-6ubuntu1

8:6.7.7.10-6ubuntu2

8:6.7.7.10-6ubuntu3

8:6.7.7.10-6ubuntu3.1

8:6.7.7.10-6ubuntu3.2

8:6.7.7.10-6ubuntu3.3

8:6.7.7.10-6ubuntu3.4

8:6.7.7.10-6ubuntu3.5

8:6.7.7.10-6ubuntu3.6

8:6.7.7.10-6ubuntu3.7

8:6.7.7.10-6ubuntu3.8

8:6.7.7.10-6ubuntu3.9

8:6.7.7.10-6ubuntu3.11

8:6.7.7.10-6ubuntu3.12

8:6.7.7.10-6ubuntu3.13

8:6.7.7.10-6ubuntu3.13+esm1

8:6.7.7.10-6ubuntu3.13+esm2

8:6.7.7.10-6ubuntu3.13+esm3

8:6.7.7.10-6ubuntu3.13+esm4

8:6.7.7.10-6ubuntu3.13+esm5

8:6.7.7.10-6ubuntu3.13+esm6

8:6.7.7.10-6ubuntu3.13+esm7

8:6.7.7.10-6ubuntu3.13+esm8

8:6.7.7.10-6ubuntu3.13+esm9

8:6.7.7.10-6ubuntu3.13+esm10

8:6.7.7.10-6ubuntu3.13+esm11

8:6.7.7.10-6ubuntu3.13+esm12

Ubuntu:Pro:16.04:LTS / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/ubuntu/imagemagick@8:6.8.9.9-7ubuntu5.16+esm11?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

8:6.*

8:6.8.9.9-5ubuntu2

8:6.8.9.9-6

8:6.8.9.9-6build1

8:6.8.9.9-7

8:6.8.9.9-7ubuntu1

8:6.8.9.9-7ubuntu2

8:6.8.9.9-7ubuntu3

8:6.8.9.9-7ubuntu4

8:6.8.9.9-7ubuntu5

8:6.8.9.9-7ubuntu5.1

8:6.8.9.9-7ubuntu5.2

8:6.8.9.9-7ubuntu5.3

8:6.8.9.9-7ubuntu5.4

8:6.8.9.9-7ubuntu5.5

8:6.8.9.9-7ubuntu5.6

8:6.8.9.9-7ubuntu5.7

8:6.8.9.9-7ubuntu5.8

8:6.8.9.9-7ubuntu5.9

8:6.8.9.9-7ubuntu5.11

8:6.8.9.9-7ubuntu5.12

8:6.8.9.9-7ubuntu5.13

8:6.8.9.9-7ubuntu5.14

8:6.8.9.9-7ubuntu5.15

8:6.8.9.9-7ubuntu5.16

8:6.8.9.9-7ubuntu5.16+esm1

8:6.8.9.9-7ubuntu5.16+esm2

8:6.8.9.9-7ubuntu5.16+esm3

8:6.8.9.9-7ubuntu5.16+esm4

8:6.8.9.9-7ubuntu5.16+esm5

8:6.8.9.9-7ubuntu5.16+esm6

8:6.8.9.9-7ubuntu5.16+esm7

8:6.8.9.9-7ubuntu5.16+esm8

8:6.8.9.9-7ubuntu5.16+esm9

8:6.8.9.9-7ubuntu5.16+esm10

8:6.8.9.9-7ubuntu5.16+esm11

Ubuntu:Pro:18.04:LTS / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/ubuntu/imagemagick@8:6.9.7.4+dfsg-16ubuntu6.15+esm3?arch=source&distro=esm-infra/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

8:6.*

8:6.9.7.4+dfsg-16ubuntu2

8:6.9.7.4+dfsg-16ubuntu3

8:6.9.7.4+dfsg-16ubuntu4

8:6.9.7.4+dfsg-16ubuntu5

8:6.9.7.4+dfsg-16ubuntu6

8:6.9.7.4+dfsg-16ubuntu6.2

8:6.9.7.4+dfsg-16ubuntu6.3

8:6.9.7.4+dfsg-16ubuntu6.4

8:6.9.7.4+dfsg-16ubuntu6.7

8:6.9.7.4+dfsg-16ubuntu6.8

8:6.9.7.4+dfsg-16ubuntu6.9

8:6.9.7.4+dfsg-16ubuntu6.11

8:6.9.7.4+dfsg-16ubuntu6.12

8:6.9.7.4+dfsg-16ubuntu6.13

8:6.9.7.4+dfsg-16ubuntu6.14

8:6.9.7.4+dfsg-16ubuntu6.15

8:6.9.7.4+dfsg-16ubuntu6.15+esm1

8:6.9.7.4+dfsg-16ubuntu6.15+esm2

8:6.9.7.4+dfsg-16ubuntu6.15+esm3

Ubuntu:Pro:20.04:LTS / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/ubuntu/imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.11+esm1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

8:6.*

8:6.9.10.23+dfsg-2.1ubuntu3

8:6.9.10.23+dfsg-2.1ubuntu8

8:6.9.10.23+dfsg-2.1ubuntu9

8:6.9.10.23+dfsg-2.1ubuntu10

8:6.9.10.23+dfsg-2.1ubuntu11

8:6.9.10.23+dfsg-2.1ubuntu11.1

8:6.9.10.23+dfsg-2.1ubuntu11.2

8:6.9.10.23+dfsg-2.1ubuntu11.4

8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1

8:6.9.10.23+dfsg-2.1ubuntu11.5

8:6.9.10.23+dfsg-2.1ubuntu11.6

8:6.9.10.23+dfsg-2.1ubuntu11.6+esm1

8:6.9.10.23+dfsg-2.1ubuntu11.7

8:6.9.10.23+dfsg-2.1ubuntu11.7+esm1

8:6.9.10.23+dfsg-2.1ubuntu11.9

8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1

8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2

8:6.9.10.23+dfsg-2.1ubuntu11.10

8:6.9.10.23+dfsg-2.1ubuntu11.10+esm1

8:6.9.10.23+dfsg-2.1ubuntu11.11

8:6.9.10.23+dfsg-2.1ubuntu11.11+esm1