CVE-2021-20224

Summary

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.

Affected Software

VendorProductVersion RangeStatus
n/aImageMagickFixed in ImageMagick-7.0.10-57, ImageMagick6-6.9.11-57affected

Weaknesses

  • CWE-190: CWE-190 - Integer Overflow or Wraparound

ADP Enrichment

CVE Program Container

Additional References

References