CVE-2021-20245

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ImageMagick (affected versions not specified)

Description A flaw was found in ImageMagick in coders/webp.c, related to a lack of division by zero check. This issue can be exploited by a remote attacker who submits a crafted file that is processed by ImageMagick, potentially triggering undefined behavior in the form of math division by zero. The highest threat from this issue is to system availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

ALT-PU-2021-1438

ALT-PU-2024-2243

BDU:2021-05183

CVE-2021-20245

DLA-2672-1

DLA-3429-1

USN-5736-1

USN-5736-2

Affected Products

Alt Linux

Astra Linux

Imagemagick

Linuxmint

Ubuntu

CVE-2021-20245

Weakness Enumeration

Related Identifiers

Affected Products

References · 57