5 matches found
The vulnerability of the SeekBlob() and WriteBlob() functions in the console-based image editing tool ImageMagick allows a hacker to execute arbitrary code.
The vulnerability of the SeekBlob and WriteBlob functions in the console-based image editing tool ImageMagick is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
OESA-2025-2248 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
OESA-2025-2245 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
CVE-2025-57807 ImageMagick BlobStream Forward-Seek Under-Allocation
ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob, which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob, which then expan...
PT-2025-36602
Reporter: Lumina Mescuwa Product: ImageMagick 7 MagickCore Component: MagickCore/blob.c Blob I/O - BlobStream Tested: 7.1.2-0 source tag and 7.1.2-1 Homebrew, macOS arm64, clang-17, Q16-HDRI Impact: Heap out-of-bounds WRITE attacker-controlled bytes at attacker-chosen offset → memory corruption;...