CNNVD-202512-5094 Information
CNNVD ID
CNNVD-202512-5094
Related CVE
- CNNVD Published: 2025-12-30
Description (Chinese)
ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 7.1.2-12之前版本存在输入验证错误漏洞,该漏洞源于WriteSVGImage函数中整数溢出,可能导致缓冲区溢出和拒绝服务攻击。
Description (English)
ImageMagick is an open-source image-processing software for ImageMagick open source. Reads, converts or writes pictures in multiple formats. There was an input validation error gap in the pre-ImageMagick 7.1.2-12 version, which originated in an integer spill in the WriteSVGImage function, which could lead to a buffer zone spill and denial of service attacks.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
in-toto
Published
2025-12-30
Last Modified
2026-02-24
References
https://github.com/ImageMagick/ImageMagick/commit/2c08c2311693759153c9aa99a6b2dcb5f985681e https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hrh7-j8q2-4qcw
Patch
https://imagemagick.org/script/download.php#gsc.tab=0
Share on: