ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).

Recent assessments:

MadDud at February 03, 2023 2:34pm UTC reported:

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure by injecting a malicious PNG file.

“A malicious actor could craft a PNG or use an existing one and add a textual chunk type (e.g., tEXt). These types have a keyword and a text string. If the keyword is the string “profile” (without quotes) then ImageMagick will interpret the text string as a filename and will load the content as a raw profile, then the attacker can download the resized image which will come with the content of a remote file.”

At risk

ImageMagick 7.1.0-49

Mitigation

Patch to version 7.1.0-52 or higher

Assessed Attacker Value: 4
Assessed Attacker Value: 4Assessed Attacker Value: 4