First published: Wed Nov 04 2020(Updated: )
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
ImageMagick ImageMagick | <7.0.9-0 | |
Redhat Enterprise Linux Desktop | =5.0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Fedoraproject Fedora | =33 | |
redhat/ImageMagick 7.0.9 | <0 | 0 |
debian/imagemagick | 8:6.9.11.60+dfsg-1.3+deb11u4 8:6.9.11.60+dfsg-1.3+deb11u3 8:6.9.11.60+dfsg-1.6+deb12u2 8:6.9.11.60+dfsg-1.6+deb12u1 8:6.9.13.12+dfsg1-1 8:7.1.1.39+dfsg1-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-27769 is a vulnerability in ImageMagick versions before 7.0.9-0 that allows values outside the range of representable floats.
The severity of CVE-2020-27769 is medium with a severity value of 3.3.
ImageMagick versions before 7.0.9-0 are affected by CVE-2020-27769.
To fix CVE-2020-27769, upgrade ImageMagick to version 7.0.9-0 or later.
More information about CVE-2020-27769 can be found on MITRE's CVE website, ImageMagick GitHub repository, and Ubuntu security notices page.