Unrated severityNVD Advisory· Published Aug 13, 2025· Updated Aug 13, 2025

ImageMagick: heap-buffer overflow in log colorspace handling

CVE-2025-55005

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.

Affected products

ImageMagick/Imagemagickllm-fuzzy2 versions
<7.1.2-1+ 1 more
- (no CPE)range: <7.1.2-1
- (no CPE)range: < 7.1.2-1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fpmitrex_refsource_CONFIRM
goo.gle/bigsleepmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000