CNNVD-202512-5095 Information

CNNVD ID

CNNVD-202512-5095

Related CVE

CVE-2025-68950

• CNNVD Published: 2025-12-30

Description (Chinese)

ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 7.1.2-12之前版本存在安全漏洞，该漏洞源于未检查两个MVG之间的循环引用，可能导致栈溢出和拒绝服务攻击。

Description (English)

ImageMagick is an open-source image-processing software for ImageMagick open source. Reads, converts or writes pictures in multiple formats. Prior to ImageMagick 7.1.2-12, there was a security loophole, which stemmed from the failure to examine circular references between the two MVGs, which could lead to spills and denial of service attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

in-toto

Published

2025-12-30

Last Modified

2026-02-24

References

https://github.com/ImageMagick/ImageMagick/commit/204718c2211903949dcfc0df8e65ed066b008dec https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7rvh-xqp3-pr8j

Patch

https://imagemagick.org/script/download.php#gsc.tab=0