CVE Vulnerabilities

CVE-2014-9826

Published: Mar 30, 2017 | Modified: Apr 20, 2025

CVSS 3.x

9.8

CRITICAL

Source:

NVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.x

7.5 HIGH

RedHat/V2

4.3 MODERATE

RedHat/V3

Ubuntu

NEGLIGIBLE

Vulnerability-free packages from our partners

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9826
CWE	https://cwe.mitre.org/data/definitions/388.html

ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.

Affected Software

Name	Vendor	Start Version	End Version
Imagemagick	Imagemagick	- (including)	- (including)
Imagemagick	Ubuntu	esm-infra-legacy/trusty	*
Imagemagick	Ubuntu	precise	*
Imagemagick	Ubuntu	trusty	*
Imagemagick	Ubuntu	trusty/esm	*
Imagemagick	Ubuntu	upstream	*

References

http://www.openwall.com/lists/oss-security/2014/12/24/1
http://www.openwall.com/lists/oss-security/2016/06/02/13
https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276
https://bugzilla.redhat.com/show_bug.cgi?id=1343482
http://www.openwall.com/lists/oss-security/2014/12/24/1
http://www.openwall.com/lists/oss-security/2016/06/02/13
https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276
https://bugzilla.redhat.com/show_bug.cgi?id=1343482

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2025 Aqua Security Software Ltd. Privacy Policy | Terms of Use