CVE-2021-20224
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-20224
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-20224.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-20224
- Downstream
- Related
- Published
- 2022-08-25T20:15:08.873Z
- Modified
- 2025-11-17T06:34:15.925030Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.
- References
-
- https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html
- https://github.com/ImageMagick/ImageMagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6
- https://github.com/ImageMagick/ImageMagick/pull/3083
- https://github.com/ImageMagick/ImageMagick6/commit/553054c1cb1e4e05ec86237afef76a32cd7c464d
Affected packages
Git / github.com/imagemagick/imagemagick
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
7.*
7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.10-0
7.0.10-1
7.0.10-10
7.0.10-11
7.0.10-12
7.0.10-13
7.0.10-14
7.0.10-15
7.0.10-16
7.0.10-17
7.0.10-18
7.0.10-19
7.0.10-2
7.0.10-20
7.0.10-21
7.0.10-22
7.0.10-23
7.0.10-24
7.0.10-25
7.0.10-26
7.0.10-27
7.0.10-28
7.0.10-29
7.0.10-3
7.0.10-30
7.0.10-31
7.0.10-32
7.0.10-33
7.0.10-34
7.0.10-35
7.0.10-36
7.0.10-37
7.0.10-38
7.0.10-39
7.0.10-4
7.0.10-40
7.0.10-41
7.0.10-42
7.0.10-43
7.0.10-44
7.0.10-45
7.0.10-46
7.0.10-47
7.0.10-48
7.0.10-49
7.0.10-5
7.0.10-50
7.0.10-51
7.0.10-52
7.0.10-53
7.0.10-54
7.0.10-55
7.0.10-56
7.0.10-6
7.0.10-7
7.0.10-8
7.0.10-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
7.0.3-10
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5
7.0.3-6
7.0.3-7
7.0.3-8
7.0.3-9
7.0.4-0
7.0.4-1
7.0.4-10
7.0.4-2
7.0.4-3
7.0.4-4
7.0.4-5
7.0.4-6
7.0.4-7
7.0.4-8
7.0.4-9
7.0.5-0
7.0.5-1
7.0.5-10
7.0.5-2
7.0.5-3
7.0.5-4
7.0.5-5
7.0.5-6
7.0.5-7
7.0.5-8
7.0.5-9
7.0.6-0
7.0.6-1
7.0.6-2
7.0.6-3
7.0.6-4
7.0.6-5
7.0.6-6
7.0.6-7
7.0.6-8
7.0.6-9
7.0.7-0
7.0.7-1
7.0.7-10
7.0.7-11
7.0.7-12
7.0.7-13
7.0.7-14
7.0.7-15
7.0.7-16
7.0.7-17
7.0.7-18
7.0.7-19
7.0.7-2
7.0.7-20
7.0.7-21
7.0.7-22
7.0.7-23
7.0.7-24
7.0.7-25
7.0.7-26
7.0.7-27
7.0.7-28
7.0.7-29
7.0.7-3
7.0.7-30
7.0.7-31
7.0.7-32
7.0.7-33
7.0.7-34
7.0.7-35
7.0.7-36
7.0.7-37
7.0.7-38
7.0.7-39
7.0.7-4
7.0.7-5
7.0.7-6
7.0.7-8
7.0.7-9
7.0.7.7
7.0.8-0
7.0.8-1
7.0.8-10
7.0.8-11
7.0.8-12
7.0.8-13
7.0.8-14
7.0.8-15
7.0.8-16
7.0.8-17
7.0.8-18
7.0.8-19
7.0.8-2
7.0.8-20
7.0.8-21
7.0.8-22
7.0.8-23
7.0.8-24
7.0.8-25
7.0.8-26
7.0.8-27
7.0.8-28
7.0.8-29
7.0.8-3
7.0.8-30
7.0.8-31
7.0.8-32
7.0.8-33
7.0.8-34
7.0.8-35
7.0.8-36
7.0.8-37
7.0.8-38
7.0.8-39
7.0.8-4
7.0.8-40
7.0.8-41
7.0.8-42
7.0.8-43
7.0.8-44
7.0.8-45
7.0.8-46
7.0.8-47
7.0.8-48
7.0.8-49
7.0.8-5
7.0.8-50
7.0.8-51
7.0.8-52
7.0.8-53
7.0.8-54
7.0.8-55
7.0.8-56
7.0.8-57
7.0.8-58
7.0.8-59
7.0.8-6
7.0.8-60
7.0.8-61
7.0.8-62
7.0.8-63
7.0.8-64
7.0.8-65
7.0.8-66
7.0.8-67
7.0.8-68
7.0.8-7
7.0.8-8
7.0.8-9
7.0.9-0
7.0.9-1
7.0.9-10
7.0.9-11
7.0.9-12
7.0.9-13
7.0.9-14
7.0.9-15
7.0.9-16
7.0.9-17
7.0.9-18
7.0.9-19
7.0.9-2
7.0.9-20
7.0.9-21
7.0.9-22
7.0.9-23
7.0.9-24
7.0.9-25
7.0.9-26
7.0.9-27
7.0.9-4
7.0.9-5
7.0.9-6
7.0.9-7
7.0.9-8
7.0.9-9
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2021-20224-daeb4ada",
"digest": {
"line_hashes": [
"139892271655436340699810948569907387715",
"8073069982342290224176713460523890186",
"216580484006097267394308153814542654887",
"301322264851573856768673248152078345283",
"327246808499009136041204877605500304787",
"178634195600065626170028627271882695543",
"208434165566334002233219020187139249965",
"210973032889484569586905829462989601926",
"289747771874893091440455418572503665068",
"59976055665224309712750295940458006764",
"111384749481747097191705007332971480182",
"331363762817259058385671483830919161092",
"162964226722790546120374139402496632838",
"50009677496338235310272810907551082341",
"230857703329152288000177511980612579446",
"323885976672510390021589726237710254753",
"237310716515105270576396074887560027065",
"193958967121893679156115646445794541215",
"327108289814314618723550842632157526855",
"18844902875906242798435906399772147364",
"38646902750912928567503687170928346986",
"141966453515207385387130021288967317877",
"207143701347306052246555371200396766942",
"213911666841541311110944986712569936893",
"113437004328350645135169795506416148356",
"164439460450226269603917904577859597066",
"190905546998074288092164341915749407163",
"202123408966448367990509752751056603990",
"89114815901601124562120202355064972109",
"114956721865740514056553884656187603125",
"85098243534327617435320973995526597593",
"270205806387676454227446674446148730975",
"291433454245051451616953219325832278144",
"30178621205767171815933864281994643905",
"167302762103572061913856503260197308042",
"67241203523820054284618570358106033715",
"175661528365926389804640880337327709950",
"223165953569714256737071215043412363318",
"117966181147198184739628270649132200220",
"620907335210931546312638705122953204",
"231248728576981368063073232549380068513",
"270205806387676454227446674446148730975",
"15731471786797568452747704921714147964",
"227073766215482191865960758345192097320",
"222543662946336074688080006318353635027",
"263481576960644357003394000332203412344",
"180908170234596781057432525252089479865"
],
"threshold": 0.9
},
"source": "https://github.com/imagemagick/imagemagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6",
"signature_version": "v1",
"target": {
"file": "MagickCore/quantum-export.c"
}
}
]
Git / github.com/imagemagick/imagemagick6
Affected ranges
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick6
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
6.*
6.9.10-0
6.9.10-1
6.9.10-10
6.9.10-11
6.9.10-12
6.9.10-13
6.9.10-14
6.9.10-15
6.9.10-16
6.9.10-17
6.9.10-18
6.9.10-19
6.9.10-2
6.9.10-20
6.9.10-21
6.9.10-22
6.9.10-23
6.9.10-24
6.9.10-25
6.9.10-26
6.9.10-27
6.9.10-28
6.9.10-29
6.9.10-3
6.9.10-30
6.9.10-31
6.9.10-32
6.9.10-33
6.9.10-34
6.9.10-35
6.9.10-36
6.9.10-37
6.9.10-38
6.9.10-39
6.9.10-4
6.9.10-40
6.9.10-41
6.9.10-42
6.9.10-43
6.9.10-44
6.9.10-45
6.9.10-46
6.9.10-47
6.9.10-48
6.9.10-49
6.9.10-5
6.9.10-50
6.9.10-51
6.9.10-52
6.9.10-53
6.9.10-54
6.9.10-55
6.9.10-56
6.9.10-57
6.9.10-58
6.9.10-59
6.9.10-6
6.9.10-60
6.9.10-61
6.9.10-62
6.9.10-63
6.9.10-64
6.9.10-65
6.9.10-66
6.9.10-67
6.9.10-68
6.9.10-69
6.9.10-7
6.9.10-70
6.9.10-71
6.9.10-72
6.9.10-73
6.9.10-74
6.9.10-75
6.9.10-77
6.9.10-78
6.9.10-79
6.9.10-8
6.9.10-80
6.9.10-81
6.9.10-82
6.9.10-83
6.9.10-84
6.9.10-85
6.9.10-86
6.9.10-87
6.9.10-88
6.9.10-89
6.9.10-9
6.9.10-90
6.9.10-91
6.9.10-92
6.9.10-93
6.9.10-94
6.9.10-95
6.9.10-96
6.9.10-97
6.9.11-0
6.9.11-1
6.9.11-10
6.9.11-11
6.9.11-12
6.9.11-13
6.9.11-14
6.9.11-15
6.9.11-16
6.9.11-17
6.9.11-18
6.9.11-19
6.9.11-2
6.9.11-20
6.9.11-21
6.9.11-22
6.9.11-23
6.9.11-24
6.9.11-25
6.9.11-26
6.9.11-27
6.9.11-28
6.9.11-29
6.9.11-3
6.9.11-30
6.9.11-31
6.9.11-32
6.9.11-33
6.9.11-34
6.9.11-35
6.9.11-36
6.9.11-37
6.9.11-38
6.9.11-39
6.9.11-4
6.9.11-40
6.9.11-41
6.9.11-42
6.9.11-43
6.9.11-44
6.9.11-45
6.9.11-46
6.9.11-47
6.9.11-48
6.9.11-49
6.9.11-5
6.9.11-50
6.9.11-51
6.9.11-52
6.9.11-53
6.9.11-54
6.9.11-55
6.9.11-56
6.9.11-6
6.9.11-7
6.9.11-8
6.9.11-9
6.9.4-0
6.9.4-1
6.9.4-10
6.9.4-2
6.9.4-3
6.9.4-4
6.9.4-5
6.9.4-6
6.9.4-7
6.9.4-8
6.9.4-9
6.9.5-0
6.9.5-1
6.9.5-10
6.9.5-2
6.9.5-3
6.9.5-4
6.9.5-5
6.9.5-6
6.9.5-7
6.9.5-8
6.9.5-9
6.9.6-0
6.9.6-1
6.9.6-2
6.9.6-3
6.9.6-4
6.9.6-5
6.9.6-6
6.9.6-7
6.9.6-8
6.9.7-0
6.9.7-1
6.9.7-10
6.9.7-2
6.9.7-3
6.9.7-4
6.9.7-5
6.9.7-6
6.9.7-7
6.9.7-8
6.9.7-9
6.9.8-0
6.9.8-1
6.9.8-10
6.9.8-2
6.9.8-3
6.9.8-4
6.9.8-5
6.9.8-6
6.9.8-7
6.9.8-8
6.9.8-9
6.9.9-0
6.9.9-1
6.9.9-10
6.9.9-11
6.9.9-12
6.9.9-13
6.9.9-14
6.9.9-15
6.9.9-17
6.9.9-18
6.9.9-19
6.9.9-2
6.9.9-20
6.9.9-21
6.9.9-22
6.9.9-23
6.9.9-24
6.9.9-25
6.9.9-26
6.9.9-27
6.9.9-28
6.9.9-29
6.9.9-3
6.9.9-30
6.9.9-31
6.9.9-32
6.9.9-33
6.9.9-34
6.9.9-35
6.9.9-36
6.9.9-37
6.9.9-38
6.9.9-39
6.9.9-4
6.9.9-40
6.9.9-41
6.9.9-42
6.9.9-43
6.9.9-44
6.9.9-45
6.9.9-46
6.9.9-47
6.9.9-48
6.9.9-49
6.9.9-5
6.9.9-50
6.9.9-51
6.9.9-6
6.9.9-7
6.9.9-8
6.9.9-9
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2021-20224-a53d7384",
"digest": {
"line_hashes": [
"53979216902395711810582027041982694108",
"26092895969679948176212489447990801405",
"163800926783895761033016586624063016904",
"73077941318980715110765656444941010961",
"251851459679205400807890423117256242356",
"185200187828425631190265903610090034950",
"133084714624143962526935418281808115457",
"264423585884666182462834956125338510233",
"42476773575321380112022401025690763883",
"321170815352462951280485724421628121517",
"177747034564234600509801537191660882529",
"10072442083015084982248525917364072068",
"319984749987424715195225548359889701045",
"91137359474655005720175570702654160721",
"337405249729153608100396960510260385826",
"274356324066111766103715693412752294663",
"76038044879744092160524667062397329977",
"301221776216023502097700318281417739482",
"707134332015988489512403257477274019",
"213858531594277426051220284782676505990",
"68785804981252562555795936708664418663",
"100313922471481109618800534393106213330",
"273628933568259645821266948555746258232",
"275515799993060371316561887529561824744",
"220188977339006094095722978668396215698",
"164539448480274130093611231478084636911",
"248257372029887119920914818677734514920",
"291843430103872094375034959362426157834",
"99389478946420808655873989718090339536",
"117966181147198184739628270649132200220",
"165460937767689488540714688624790594434",
"277072007908050653724890089900401043606",
"89222769570854796545096564547590825079",
"11669739399850369513117360819293130234",
"158007201958189320500919148870157930931",
"206851619774420320223544312416855984949",
"231968505191390434944795080608767724882",
"205605161026734988565951204743954319653",
"47816446765517506169508566663018328243",
"29537879250263352521057583814387605679",
"10701072071214418277398713816225511856",
"111136119119376237836957585978008820440",
"99254272134894162374660730675676752869",
"135745028777782538077990320296529665633",
"230710433627736383998007148326629718766",
"169126331861682281417138264647913803545",
"202129976081931673461745570177054140955",
"286932477217672969910641655114407382254",
"166443933074671656988141903330396332959",
"185440004704298487665522178617037001505",
"20470835903456051044390293095397457825",
"78827245408752820811383116763153183089",
"244542742669381229788498016919751099017",
"180159745437315025388641376920237892997",
"80830839308188516765404720351557223084",
"131044745426084961477318359921801315136",
"38320909786676000528564556867901241315",
"151829388775109986157949815045587223264",
"223497949666942958691417736579625812645",
"230862113204287789616295365022331443244",
"74956891127050512536650360197307336112",
"16986114209090209870071339271291402265",
"116511885267062789550843680471262159004",
"339667311767489231070072934135800876678",
"98335823829575919731847808903885361472",
"338673404831547911080376933242399145182",
"195024453560645593739232862646280026770",
"70083518488992824126186557307005983468",
"43134210344221258884624985626974655981",
"45503883055192748954096141745163766438",
"201847853268675269974259756225734873537",
"174753387717402673068636922138289205991",
"16480895398239085533705443175229498370",
"259500957314628334818595835286706068698",
"172380618333021758554636791939017047145",
"160800463702748967653377947525522959312",
"127803378753031145934314206634555789222",
"187942569865540693439890190345374948604",
"272386111763179808563901084108653975402",
"86307278744547609668078395512121200319",
"3407998250793879287266369912754289845",
"253048352394134948589677398489801098236",
"78176018790931919205360595386705417648",
"337036424567037793911741761012295609223",
"12988597882942729945170515897691258178",
"114318354635462852043500025649203661139",
"86307278744547609668078395512121200319",
"262419938259755819641468125432352224437",
"299029141703029787008899949135098012088",
"41819606756725131074075987906590426661",
"8856529054438508862038181935043081257",
"303679734657530682891732303104539719038",
"333808323874273701120420266195041963628",
"107129652971859167243129072286694516247",
"61567146340391190501553327708314269776",
"303679734657530682891732303104539719038",
"168534449123004960746244822360685637428",
"334266848137163099164685324448696241407",
"170833376724505448375909725109420297070",
"303679734657530682891732303104539719038",
"168534449123004960746244822360685637428",
"334266848137163099164685324448696241407",
"291395626422367727666300183273426255435"
],
"threshold": 0.9
},
"source": "https://github.com/imagemagick/imagemagick6/commit/553054c1cb1e4e05ec86237afef76a32cd7c464d",
"signature_version": "v1",
"target": {
"file": "magick/quantum-export.c"
}
}
]