11 matches found
Integer Overflow
ImageMagick is vulnerable to integer overflow. The vulnerability is due to unsafe magnified size calculations in the ReadOneMNGImage function coders/png.c, which allows an attacker to trigger memory corruption and potentially exploit the application...
OESA-2025-2247 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
GHSA-CJC8-G9W8-CHFW imagemagick: heap-buffer overflow read in MNG magnification with alpha
Vulnerability Details When performing image magnification in ReadOneMNGIMage in coders/png.c, there is an issue around the handling of images with separate alpha channels. When loading an image with a color type that implies a separate alpha channel ie. jngcolortype = 12, we will load the alpha...
SUSE CVE-2025-55004
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This c...
DEBIAN-CVE-2025-55154
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage in coders/png.c are unsafe and can overflow, leading to memory corruption. This issue has been patched in...
CVE-2025-55004 ImageMagick: heap-buffer overflow read in MNG magnification with alpha
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This c...
SUSE CVE-2020-12672
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c...
DEBIAN-CVE-2018-9018
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file...
PT-2018-1885 · Graphicsmagick +3 · Graphicsmagick +3
Name of the Vulnerable Software and Affected Versions: GraphicsMagick version 1.3.28 Description: The issue is related to a divide-by-zero error in the ReadMNGImage function of coders/png.c. This error can be triggered by remote attackers using a crafted mng file, potentially causing a crash and...
DEBIAN-CVE-2017-14103
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call...
DEBIAN-CVE-2017-11526
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service large loop and CPU consumption via a crafted file...