Fluid Attacks Database

Description

A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	imagemagick	>=0 <8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
debian 13	imagemagick	>=0 <8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
debian 14	imagemagick	>=0 <8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
debian 11	imagemagick	>=0 <8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
rpm rhel6	ImageMagick	-	-
rpm rhel5	ImageMagick	-	-
rpm rhel7	ImageMagick	-	-

Aliases

1. CVE-2021-201762. NVD-2021-201763. OSV-DEBIAN-2021-201764. OSV-2021-201765. SECURITY-TRACKER-CVE-2021-20176

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.