logo

Database

Out-of-bounds read In imagemagick

Description

ImageMagick has Heap Buffer Over-Read in BilateralBlurImage BilateralBlurImage contains a heap buffer over-read caused by an incorrect conversion. When processing a crafted image with the -bilateral-blur operation an out of bounds read can occur.

=================================================================
==676172==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50a0000079c0 at pc 0x57b483c722f7 bp 0x7fffc0acd380 sp 0x7fffc0acd370
READ of size 4 at 0x50a0000079c0 thread T0

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 23

10

Aliases

1. CVE-2026-309352. NVD-2026-309353. OSV-DEBIAN-2026-309354. OSV-2026-309355. GHSA-cqw9-w2m7-r2m26. GCVE-2026-309357. SECURITY-TRACKER-CVE-2026-30935

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cqw9-w2m7-r2m22. https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.