CVE-2014-9854

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2014-9854

Severity

7.5

High

CVSS CVSS_V3

Description

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

References

https://images.chainguard.dev/security/CGA-q967-cm4j-v4r9
https://github.com/advisories/GHSA-g4p4-j496-m4vw
http://www.ubuntu.com/usn/USN-3131-1
http://www.openwall.com/lists/oss-security/2016/06/02/13
http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b
https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed
https://bugzilla.redhat.com/show_bug.cgi?id=1343514
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html
https://security-tracker.debian.org/tracker/CVE-2014-9854

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal