VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (781)

  • CVE-2025-55160Aug 13, 2025
    risk 0.00cvss epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in…

  • CVE-2025-55154Aug 13, 2025
    risk 0.00cvss epss 0.01

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has…

  • CVE-2025-55005Aug 13, 2025
    risk 0.00cvss epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is…

  • CVE-2025-55004Aug 13, 2025
    risk 0.00cvss epss 0.01

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in…

  • CVE-2025-53101Jul 14, 2025
    risk 0.00cvss epss 0.01

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal…

  • CVE-2025-53019Jul 14, 2025
    risk 0.00cvss epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory…

  • CVE-2025-53015Jul 14, 2025
    risk 0.00cvss epss 0.01

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.

  • CVE-2025-53014Jul 14, 2025
    risk 0.00cvss epss 0.01

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory…

  • CVE-2024-6486May 15, 2025
    risk 0.00cvss epss 0.02

    The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "cli_path" parameter. This allows authenticated attackers, with administrator-level permission to execute arbitrary OS commands on the server…

  • CVE-2025-46393Apr 23, 2025
    risk 0.00cvss epss 0.00

    In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).

  • CVE-2025-43965Apr 23, 2025
    risk 0.00cvss epss 0.00

    In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.

  • CVE-2024-41817Jul 29, 2024
    risk 0.00cvss epss 0.01

    ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The `AppImage` version `ImageMagick` might use an empty path when setting `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing, which might lead…

  • CVE-2023-5341Nov 19, 2023
    risk 0.00cvss epss 0.00

    A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.

  • CVE-2023-3428Oct 4, 2023
    risk 0.00cvss epss 0.00

    A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.

  • CVE-2021-40211Aug 22, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.

  • CVE-2022-48541Aug 22, 2023
    risk 0.00cvss epss 0.01

    A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.

  • CVE-2023-39978Aug 8, 2023
    risk 0.00cvss epss 0.00

    ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.

  • CVE-2023-3745Jul 24, 2023
    risk 0.00cvss epss 0.00

    A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to…

  • CVE-2023-34474Jun 16, 2023
    risk 0.00cvss epss 0.00

    A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a…

  • CVE-2023-34475Jun 16, 2023
    risk 0.00cvss epss 0.00

    A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in…

Page 30 of 40