CVE-2019-13309

MEDIUM6.5EPSS 0.20%

Published: 7/5/2019Modified: 4/28/2026

Description

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.

Affected packages (2)

Alpine/imagemagickfrom 0, < 6.9.10.53-r0
Debian/imagemagickfrom 0, < 8:6.9.11.24+dfsg-1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2019-13309
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2019-13309