First published: Tue Aug 22 2017(Updated: )
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Graphicsmagick Graphicsmagick | =1.3.26 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
debian/graphicsmagick | 1.4+really1.3.36+hg16481-2+deb11u1 1.4+really1.3.40-4 1.4+really1.3.45-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this GraphicsMagick vulnerability is CVE-2017-13063.
The severity level of CVE-2017-13063 is medium.
The function GetStyleTokens in coders/svg.c:314:12 is vulnerable in GraphicsMagick 1.3.26.
GraphicsMagick 1.3.26 is affected, as well as various Debian and Ubuntu versions.
You can fix the CVE-2017-13063 vulnerability by updating to the recommended versions of GraphicsMagick provided by Debian or Ubuntu.