CLSA-2026-1775683048 ImageMagick: Fix of CVE-2025-57807

CVE-2025-57807: heap buffer overflow in WriteBlobStream and WriteBlob via incorrect extent calculation when offset exceeds current capacity...

CLSA-2026-1775682890 ImageMagick: Fix of CVE-2025-57807

CVE-2025-57807: heap buffer overflow in WriteBlobStream and WriteBlob via incorrect extent calculation when offset exceeds current capacity...

OESA-2025-2248 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

OESA-2025-2245 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

CVE-2025-57807 ImageMagick BlobStream Forward-Seek Under-Allocation

ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob, which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob, which then expan...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the WriteBlob function. An attacker can achieve memory corruption, by manipulating the stream offset using a forward seek beyond the current buffer extent and then performing a write operation. This allows writing...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the WriteBlob function. An attacker can achieve memory corruption, by manipulating the stream offset using a forward seek beyond the current buffer extent and then performing a write operation. This allows writing...

Out-of-bounds Write

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Out-of-bounds Write

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

PT-2025-36602

Reporter: Lumina Mescuwa Product: ImageMagick 7 MagickCore Component: MagickCore/blob.c Blob I/O - BlobStream Tested: 7.1.2-0 source tag and 7.1.2-1 Homebrew, macOS arm64, clang-17, Q16-HDRI Impact: Heap out-of-bounds WRITE attacker-controlled bytes at attacker-chosen offset → memory corruption;...

DEBIAN-CVE-2017-9142

In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c...

UBUNTU-CVE-2017-9142

In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c...