10 matches found
Allocation of Resources Without Limits or Throttling
Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Allocation of Resources Without Limits or Throttling
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
PT-2026-37200
Name of the Vulnerable Software and Affected Versions Pillow versions 10.3.0 through 12.1.x Description Processing a malicious PSD file can lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This occurs because bounds checks for tile extents in PSD image...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the PSD decoding process due to a mismatch between the computed bytes-per-pixel from the image header and the allocated pixel buffer size in LAB 16-bit mode. An attacker can achieve arbitrary code execution or cau...
CVE-2026-40493 SAIL has heap buffer overflow in PSD decoder — bpp mismatch in LAB 16-bit mode
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...
CVE-2025-53510
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffe...
DEBIAN-CVE-2025-53510
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffe...
CVE-2025-53510
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffe...
SUSE CVE-2017-17681
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted psd image file...
GLSA-200501-37 : GraphicsMagick: PSD decoding heap overflow
The remote host is affected by the vulnerability described in GLSA-200501-37 GraphicsMagick: PSD decoding heap overflow Andrei Nigmatulin discovered that handling a Photoshop Document PSD file with more than 24 layers in ImageMagick could trigger a heap overflow GLSA 200501-26. GraphicsMagick is...