CVE-2021-20224 - CERT CVE
ID CVE-2021-20224
Sažetak An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.
Reference
CVSS
Base: 5.5
Impact: 3.6
Exploitability:1.8
Pristup
VektorSloženostAutentikacija
LOCAL LOW -
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE HIGH
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Zadnje važnije ažuriranje 11-03-2023 - 23:15
Objavljeno 25-08-2022 - 20:15