ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The `AppImage` version `ImageMagick` might use an empty path when setting `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing, which might lead to arbitrary code execution by loading malicious configuration files or shared libraries in the current working directory while executing `ImageMagick`. The vulnerability is fixed in 7.11-36.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Imagemagick
Imagemagick imagemagick |
|
CPEs | cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:* | |
Vendors & Products |
Imagemagick
Imagemagick imagemagick |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-07-29T15:53:17.236Z
Updated: 2024-08-02T04:46:53.171Z
Reserved: 2024-07-22T13:57:37.137Z
Link: CVE-2024-41817
Vulnrichment
Updated: 2024-08-02T04:46:53.171Z
NVD
Status : Modified
Published: 2024-07-29T16:15:05.360
Modified: 2024-11-21T09:33:07.940
Link: CVE-2024-41817
Redhat