CNNVD-202508-1341 Information
CNNVD ID
CNNVD-202508-1341
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 7.1.2-1之前版本存在安全漏洞,该漏洞源于Log到sRGB色彩空间转换时未处理大于1024的参考值,可能导致内存损坏。
Description (English)
ImageMagick is an open-source image-processing software for ImageMagick open source. Reads, converts or writes pictures in multiple formats. There is a security loophole in the previous version of ImageMagick 7.1.2-1, which stems from the fact that reference values greater than 1024 were not addressed when the Log to sRGB colour space was converted and could cause memory damage.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
ImageMagick
Published
2025-08-13
Last Modified
2026-02-24
References
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp https://goo.gle/bigsleep https://access.redhat.com/security/cve/cve-2025-55005
Patch
https://github.com/ImageMagick/ImageMagick/releases
Share on: