CVE-2017-13145
- Source
- https://cve.org/CVERecord?id=CVE-2017-13145
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-13145.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-13145
- Downstream
- Published
- 2017-08-23T06:29:00.400Z
- Modified
- 2026-05-07T04:38:07.499118Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "14.04" } ], "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "16.04" } ], "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "17.10" } ], "cpe": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "18.04" } ], "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "8.0" } ], "cpe": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "9.0" } ], "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" } ] }- References
-
- https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html
- https://security.gentoo.org/glsa/201711-07
- https://usn.ubuntu.com/3681-1/
- https://www.debian.org/security/2017/dsa-4019
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830
- https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa
- https://github.com/ImageMagick/ImageMagick/commit/f13c6b54a879aaa771ec64b5a066b939e8f8e7f0
- https://github.com/ImageMagick/ImageMagick/issues/501
Affected packages
Git / github.com/imagemagick/imagemagick
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "source": "CPE_FIELD", "extracted_events": [ { "introduced": "0" }, { "last_affected": "7.0.1-0" }, { "last_affected": "7.0.1-1" }, { "last_affected": "7.0.1-2" }, { "last_affected": "7.0.1-3" }, { "last_affected": "7.0.1-4" }, { "last_affected": "7.0.1-5" }, { "last_affected": "7.0.1-6" }, { "last_affected": "7.0.1-7" }, { "last_affected": "7.0.1-8" }, { "last_affected": "7.0.1-9" }, { "last_affected": "7.0.1-10" }, { "last_affected": "7.0.2-0" }, { "last_affected": "7.0.2-1" }, { "last_affected": "7.0.2-2" }, { "last_affected": "7.0.2-3" }, { "last_affected": "7.0.2-4" }, { "last_affected": "7.0.2-5" }, { "last_affected": "7.0.2-6" }, { "last_affected": "7.0.2-7" }, { "last_affected": "7.0.2-8" }, { "last_affected": "7.0.2-9" }, { "last_affected": "7.0.2-10" }, { "last_affected": "7.0.3-0" }, { "last_affected": "7.0.3-1" }, { "last_affected": "7.0.3-2" }, { "last_affected": "7.0.3-3" }, { "last_affected": "7.0.3-4" }, { "last_affected": "7.0.3-5" }, { "last_affected": "7.0.3-6" }, { "last_affected": "7.0.3-7" }, { "last_affected": "7.0.3-8" }, { "last_affected": "7.0.3-9" }, { "last_affected": "7.0.3-10" }, { "last_affected": "7.0.4-0" }, { "last_affected": "7.0.4-1" }, { "last_affected": "7.0.4-2" }, { "last_affected": "7.0.4-3" }, { "last_affected": "7.0.4-4" }, { "last_affected": "7.0.4-5" }, { "last_affected": "7.0.4-6" }, { "last_affected": "7.0.4-7" }, { "last_affected": "7.0.4-8" }, { "last_affected": "7.0.4-9" }, { "last_affected": "7.0.4-10" }, { "last_affected": "7.0.5-0" }, { "last_affected": "7.0.5-1" }, { "last_affected": "7.0.5-4" }, { "last_affected": "7.0.5-5" }, { "last_affected": "7.0.5-6" }, { "last_affected": "7.0.5-7" }, { "last_affected": "7.0.5-8" } ], "cpe": [ "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.5-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.5-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.5-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.5-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.5-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.5-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.5-8:*:*:*:*:*:*:*" ] }
Affected versions
7.*
7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
7.0.3-10
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5
7.0.3-6
7.0.3-7
7.0.3-8
7.0.3-9
7.0.4-0
7.0.4-1
7.0.4-10
7.0.4-2
7.0.4-3
7.0.4-4
7.0.4-5
7.0.4-6
7.0.4-7
7.0.4-8
7.0.4-9
7.0.5-0
7.0.5-1
7.0.5-2
7.0.5-3
7.0.5-4
7.0.5-5
7.0.5-6
7.0.5-7
7.0.5-8
Git / github.com/imagemagick/imagemagick6
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick6
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "source": "CPE_FIELD", "extracted_events": [ { "introduced": "0" }, { "last_affected": "6.9.8-7" } ], "cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*" }
Affected versions
6.*
6.9.4-0
6.9.4-1
6.9.4-10
6.9.4-2
6.9.4-3
6.9.4-4
6.9.4-5
6.9.4-6
6.9.4-7
6.9.4-8
6.9.4-9
6.9.5-0
6.9.5-1
6.9.5-10
6.9.5-2
6.9.5-3
6.9.5-4
6.9.5-5
6.9.5-6
6.9.5-7
6.9.5-8
6.9.5-9
6.9.6-0
6.9.6-1
6.9.6-2
6.9.6-3
6.9.6-4
6.9.6-5
6.9.6-6
6.9.6-7
6.9.6-8
6.9.7-0
6.9.7-1
6.9.7-10
6.9.7-2
6.9.7-3
6.9.7-4
6.9.7-5
6.9.7-6
6.9.7-7
6.9.7-8
6.9.7-9
6.9.8-0
6.9.8-1
6.9.8-2
6.9.8-3
6.9.8-4
6.9.8-5
6.9.8-6
6.9.8-7