CNNVD-202508-1342 Information
CNNVD ID
CNNVD-202508-1342
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 6.9.13-27和7.1.2-1之前版本存在输入验证错误漏洞,该漏洞源于ReadOneMNGIMage中的放大尺寸计算不安全,可能导致内存损坏。
Description (English)
ImageMagick is an open-source image-processing software for ImageMagick open source. Reads, converts or writes pictures in multiple formats. Prior to ImageMagick 6.9.13-27 and 7.1.2-1, there was an input validation error loophole, which originated from the unsafe magnification dimension calculation in ReadOneMNGIMage, which could cause memory damage.
Hazard Level
Medium
Vulnerability Type
输入验证错误
Affected Vendor
ImageMagick
Published
2025-08-13
Last Modified
2026-02-24
References
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp29-wxp5-wh82 https://goo.gle/bigsleep https://access.redhat.com/security/cve/cve-2025-55154
Patch
https://github.com/ImageMagick/ImageMagick/releases
Share on: