Twelveand0

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-25 **Description** The issue is related to memory leaks in the DecodeImage function within the coders/pcd.c file. **Recommendations** For versions prior to 7.0.8-25, update to version 7.0.8-25 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-25 **Description** A memory leak exists in the `WritePSDChannel` function in `coders/psd.c`. This issue affects ImageMagick. **Recommendations** For versions prior to 7.0.8-25, update to version 7.0.8-25 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `WritePSDChannel` function in `coders/psd.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-25 **Description** The issue is related to a memory leak in the WriteDIBImage component of the ImageMagick console graphic editor. This memory leak occurs due to incorrect memory deallocation before the last reference is deleted. Exploitation of this issue could allow a remote attacker to cause a denial of service. **Recommendations** For versions prior to 7.0.8-25, update to version 7.0.8-25 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-25 GraphicsMagick versions prior to 1.3.32 **Description** The issue is related to memory management errors in the WritePDFImage function of graphic editors ImageMagick and GraphicsMagick. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service using a specially crafted image. **Recommendations** For ImageMagick versions prior to 7.0.8-25, update to version 7.0.8-25 or later. For GraphicsMagick versions prior to 1.3.32, update to version 1.3.32 or later.

**Name of the Vulnerable Software and Affected Versions** openjpeg version 2.1.2 **Description** A NULL pointer dereference flaw was found in the way openjpeg decoded certain input images. This issue is caused by a logic error in the code responsible for decoding the input image. As a result, an application using openjpeg to process image data could crash when processing a crafted image. **Recommendations** For openjpeg version 2.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenJPEG version 2.1.2 **Description** An out-of-bounds read issue was found in the j2k to image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. **Recommendations** For OpenJPEG version 2.1.2, consider updating to a newer version that contains a fix for this issue, as using a specially crafted JPEG2000 file could lead to application crashes or potential data disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.