CNNVD-202510-3475 Information
CNNVD ID
CNNVD-202510-3475
Related CVE
- CNNVD Published: 2025-10-27
Description (Chinese)
ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 7.1.2-8之前版本存在数字错误漏洞,该漏洞源于CLAHEImage函数中存在无符号整数下溢和除以零错误,可能导致越界内存访问和崩溃。
Description (English)
ImageMagick is an open-source image-processing software for ImageMagick open source. Reads, converts or writes pictures in multiple formats. There is a digital error loophole in the pre-ImageMagick 7.1.2-8 version, which stems from an unsigned integer spill and zero error in the CAHEImage function, which could lead to cross-border memory access and collapse.
Hazard Level
High
Vulnerability Type
数字错误
Affected Vendor
ImageMagick
Published
2025-10-27
Last Modified
2026-02-24
References
https://github.com/ImageMagick/ImageMagick/commit/7b47fe369eda90483402fcd3d78fa4167d3bb129 https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wpp4-vqfq-v4hp
Patch
https://imagemagick.org/script/download.php
Share on: