CNNVD-202601-3669 Information

CNNVD ID

CNNVD-202601-3669

Related CVE

CVE-2026-23952

• CNNVD Published: 2026-01-22

Description (Chinese)

ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 14.10.1及之前版本存在代码问题漏洞，该漏洞源于MSL解析器在处理标签时存在空指针取消引用，可能导致拒绝服务攻击。

Description (English)

ImageMagick is an open-source image-processing software for ImageMagick open source. Reads, converts or writes pictures in multiple formats. ImageMagick 14.10.1 and previous versions had a code problem loophole, which stemmed from an empty pointer unreferenced by the MSL solver when processing labels, which could lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

ImageMagick

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5vx3-wx4q-6cj8 https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2 https://access.redhat.com/security/cve/cve-2026-23952

Patch

https://imagemagick.org/script/download.php#gsc.tab=0