CVE-2022-0284
N/A
N/A
Summary
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | ImageMagick | Fixed in ImageMagick-7.1.0-20 | affected |
Weaknesses
- CWE-125: CWE-125 - Out-of-bounds Read
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2045943
- https://access.redhat.com/security/cve/CVE-2022-0284
- https://github.com/ImageMagick/ImageMagick/issues/4729
- https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2045943
- https://access.redhat.com/security/cve/CVE-2022-0284
- https://github.com/ImageMagick/ImageMagick/issues/4729
- https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.