logo

Database

Out-of-bounds read In magick.net-q16-x86

Description

ImageMagick has a heap-buffer-overflow in FTXT encoder The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read.

==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148
READ of size 1 at 0x5020000085b2 thread T0

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 18

10

Aliases

1. GHSA-w54j-7wpm-crhj2. GCVE-GHSA-w54j-7wpm-crhj

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w54j-7wpm-crhj

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.