SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2025:4429-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4429-1 advisory. - CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage function can lead to arbitrary memory disclosure on 32-bit systems...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage function can lead to arbitrary memory disclosure on 32-bit systems bsc1254820. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:4429-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage function can lead to arbitrary memory disclosure on 32-bit systems bsc1254820...

Integer Overflow

ImageMagick is vulnerable to an integer overflow. The vulnerability is due to improper validation of width and height values in the TIM image parser’s ReadTIMImage function when calculating the image size without overflow checks, which allows an attacker to supply a crafted TIM image that trigger...

SUSE CVE-2025-66628

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parser contains a critical integer overflow vulnerability in its ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file...

DEBIAN-CVE-2025-66628

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parser contains a critical integer overflow vulnerability in its ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file...

CVE-2025-66628 ImageMagick is vulnerable to an Integer Overflow in TIM decoder leading to out of bounds read (32-bit only)

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parser contains a critical integer overflow vulnerability in its ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file...

CVE-2025-66628 ImageMagick is vulnerable to an Integer Overflow in TIM decoder leading to out of bounds read (32-bit only)

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parser contains a critical integer overflow vulnerability in its ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file...

CVE-2025-66628

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parser contains a critical integer overflow vulnerability in its ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file...

Out-of-bounds Read

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Out-of-bounds Read

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

PT-2025-50551

Name of the Vulnerable Software and Affected Versions ImageMagick versions 7.1.2-9 and prior Description ImageMagick is a software suite used for image creation, editing, composition, and conversion. A critical integer overflow exists in the TIM PSX TIM image parser's ReadTIMImage function...

imagemagick/encoder_tim_fuzzer: Use-of-uninitialized-value in PushColormapIndex

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6486704652288000 Project: imagemagick Fuzzer: libFuzzerimagemagickencodertimfuzzer Fuzz target binary: encodertimfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

graphicsmagick/coder_TIM_fuzzer: Unknown signal in ReadTIMImage

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5112875224924160 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderTIMfuzzer Fuzz target binary: coderTIMfuzzer Job Type: libfuzzerubsangraphicsmagick Platform Id: linux Crash Type:...

imagemagick/encoder_tim_fuzzer: Use-of-uninitialized-value in PushColormapIndex

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5065100877627392 Project: imagemagick Fuzzer: libFuzzerimagemagickencodertimfuzzer Fuzz target binary: encodertimfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...