Jerryl3E

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-4 Q16 **Description** A memory leak issue was discovered in the ReadVIPSImage function, located in coders/vips.c. This issue can be exploited by attackers using a crafted file, leading to a denial of service due to memory consumption in ResizeMagickMemory in MagickCore/memory.c. **Recommendations** For ImageMagick version 7.0.7-4 Q16, as a temporary workaround, consider disabling the ReadVIPSImage function in coders/vips.c until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-1 Q16 **Description** A memory leak issue was discovered in the ReadMPCImage function in coders/mpc.c, allowing attackers to cause a denial of service by using a crafted file. **Recommendations** For ImageMagick version 7.0.7-1 Q16, as a temporary workaround, consider disabling the ReadMPCImage function in coders/mpc.c until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-1 Q16 **Description** A memory leak issue was discovered in the ReadMATImage function in coders/mat.c, allowing attackers to cause a denial of service via a crafted file. **Recommendations** For ImageMagick version 7.0.7-1 Q16, as a temporary workaround, consider disabling the ReadMATImage function in coders/mat.c until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-1 Q16 **Description** A memory leak issue was discovered in the `PersistPixelCache` function in `magick/cache.c`, which can lead to a denial of service due to memory consumption in the `ReadMPCImage` function in `coders/mpc.c`. This can be triggered by a crafted file, potentially allowing remote attackers to cause a denial of service. **Recommendations** For ImageMagick version 7.0.7-1 Q16, consider disabling the `PersistPixelCache` function as a temporary workaround until a patch is available. Restrict access to the `ReadMPCImage` function in `coders/mpc.c` to minimize the risk of exploitation. Avoid using crafted files that may trigger the memory leak issue until the problem is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-1 Q16 **Description** The issue is related to the PersistPixelCache function in magick/cache.c, which mishandles the pixel cache nexus. This allows remote attackers to cause a denial of service via a crafted file, resulting in a NULL pointer dereference in the GetVirtualPixels function in MagickCore/cache.c. **Recommendations** For ImageMagick version 7.0.7-1 Q16, consider disabling the PersistPixelCache function as a temporary workaround until a patch is available. Restrict access to potentially vulnerable functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.