Fluid Attacks Database

Description

ImageMagick has a heap buffer overflow read in magnify operation via unrecognized magnify:method value An unrecognized magnify:method will result in an out of bounds read in the magnify operation.

==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30
READ of size 4 at 0x61a000000b30 thread T0

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
nuget	magick.net-q16-hdri-arm64	>=0 <14.12.0	14.12.0
nuget	magick.net-q8-arm64	>=0 <14.12.0	14.12.0
nuget	magick.net-q16-x86	>=0 <14.12.0	14.12.0
nuget	magick.net-q16-hdri-openmp-arm64	>=0 <14.12.0	14.12.0
nuget	magick.net-q16-hdri-openmp-x64	>=0 <14.12.0	14.12.0
nuget	magick.net-q8-anycpu	>=0 <14.12.0	14.12.0
nuget	magick.net-q8-openmp-arm64	>=0 <14.12.0	14.12.0
nuget	magick.net-q8-openmp-x64	>=0 <14.12.0	14.12.0
nuget	magick.net-q16-anycpu	>=0 <14.12.0	14.12.0
nuget	magick.net-q16-openmp-x64	>=0 <14.12.0	14.12.0

1-10 of 18

Aliases

1. GHSA-8vfj-q2cp-5m5j2. GCVE-GHSA-8vfj-q2cp-5m5j

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8vfj-q2cp-5m5j