VYPR

NuGet package

magick.net-q8-x64

pkg:nuget/magick.net-q8-x64

Vulnerabilities (77)

  • CVE-2026-22770Jan 20, 2026
    affected < 14.10.2fixed 14.10.2

    ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initializ

  • CVE-2025-68950Dec 30, 2025
    affected < 14.10.1fixed 14.10.1

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows readin

  • CVE-2025-68469Dec 18, 2025
    affected < 13.2.0fixed 13.2.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue.

  • CVE-2025-65955Dec 2, 2025
    affected <= 14.9.1

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family

  • CVE-2025-62594Oct 27, 2025
    affected <= 14.9.0

    ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsi

  • CVE-2025-57807Sep 5, 2025
    affected < 14.8.2fixed 14.8.2

    ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBl

  • CVE-2025-55298Aug 26, 2025
    affected < 14.8.1fixed 14.8.1

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleStrin

  • CVE-2025-55212Aug 26, 2025
    affected < 14.8.1fixed 14.8.1

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage

  • CVE-2025-55160Aug 13, 2025
    affected < 14.8.0fixed 14.8.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in s

  • CVE-2025-55154Aug 13, 2025
    affected < 14.8.0fixed 14.8.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has b

  • CVE-2025-55004Aug 13, 2025
    affected < 14.8.0fixed 14.8.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOn

  • CVE-2025-53101Jul 14, 2025
    affected < 14.7.0fixed 14.7.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal poin

  • CVE-2025-53019Jul 14, 2025
    affected < 14.7.0fixed 14.7.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory leak.

  • CVE-2025-53015Jul 14, 2025
    affected < 14.7.0fixed 14.7.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.

  • CVE-2025-53014Jul 14, 2025
    affected < 14.7.0fixed 14.7.0

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory a

  • CVE-2023-4863KEVSep 12, 2023
    affected < 13.3.0fixed 13.3.0

    Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2023-1289Mar 23, 2023
    affected < 13.0.0fixed 13.0.0

    A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," result

Page 4 of 4