First published: Wed Sep 06 2017(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Graphicsmagick Graphicsmagick | =1.3.26 | |
debian/graphicsmagick | 1.4+really1.3.36+hg16481-2+deb11u1 1.4+really1.3.40-4 1.4+really1.3.45-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-14165 is a vulnerability in GraphicsMagick 1.3.26 that allows for remote denial of service through excessive memory allocation.
CVE-2017-14165 has a severity score of 6.5 out of 10.
CVE-2017-14165 can lead to remote denial of service in the MagickMalloc function in magick/memory.c.
The recommended remedy for CVE-2017-14165 in Debian is to upgrade to GraphicsMagick versions 1.4+really1.3.35-1~deb10u2, 1.4+really1.3.35-1~deb10u3, 1.4+really1.3.36+hg16481-2+deb11u1, 1.4+really1.3.40-4, or 1.4+really1.3.42-1.
The recommended remedy for CVE-2017-14165 in Ubuntu is to upgrade to GraphicsMagick version 1.3.18-1ubuntu3.1+ for Trusty or 1.3.23-1ubuntu0.4 for Xenial.