VIR Vulnerability Intelligence Relay

CVE-2017-13066

medium
Published 2017-08-22 · Modified 2026-05-13
CVSS v3
6.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS v2
4.3
VIR risk
6.5

Description

GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.

Predictions

Exploit likelihood
75%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2017-13066

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2017-13066.html

vendor Authored 2026-05-27

Vendor advisory: arch — https://security.archlinux.org/ASA-201801-7

OS impact
OSVersionStatusFixed in
arch archfixed1.3.27-1
suse slesaffected
debian debianbookwormfixed1.3.27-1
debian debianbullseyefixed1.3.27-1
debian debianforkyfixed1.3.27-1
debian debiansidfixed1.3.27-1
debian debiantrixiefixed1.3.27-1

Application impact
VendorProductVersionsFixed
graphicsmagickgraphicsmagick1.3.26

References

CWEs

CWE-772

Verify integrity in audit chain (admin only). AS-IS.