PT-2020-7901 · Gm · Gm

Published

2020-09-01

Updated

2020-09-01

CVE-2015-7982

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: gm versions prior to 1.21.1

Description: The issue is triggered when user input is passed into the gm.compare() function, which fails to sanitize input correctly before calling the graphics magic binary. This leads to a command injection vulnerability.

Recommendations: Update to version 1.21.1 or later.

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2015-7982

GHSA-PJH3-JV7W-9JPR

PT-2020-7901 · Gm · Gm

CVE-2015-7982

Weakness Enumeration

Related Identifiers

Affected Products

References · 5