Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the stbigifloadnext function. An attacker can cause the application to become unavailable by enticing a user to open a specially crafted GIF image. This is only exploitable if a user interacts...

CVE-2026-29112

DiceBear is an avatar library for designers and developers. Prior to version 9.4.0, the ensureSize function in @dicebear/converter read the width and height attributes from the input SVG to determine the output canvas size for rasterization PNG, JPEG, WebP, AVIF. An attacker who can supply a...

CVE-2025-68950

A flaw was found in ImageMagick, free and open-source software used for editing and manipulating digital images. ImageMagick fails to check for circular references between two Magick Vector Graphics MVG files. A remote attacker could exploit this by providing a specially crafted MVG file, leading...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the WriteSVGImage function. An attacker can cause the application to crash or become unavailable by submitting a malicious MVG file that triggers an integer overflow and subsequent buffer overflow durin...

Integer Overflow or Wraparound

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...