logo

Database

Lack of data validation In magick.net-q16-openmp-x64

Description

ImageMagick: Out of bounds read in multiple coders read raw pixel data A heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 22

10

Aliases

1. CVE-2026-255762. NVD-2026-255763. OSV-2026-255764. OSV-DEBIAN-2026-255765. GHSA-jv4p-gjwq-9r2j6. GCVE-2026-255767. SECURITY-TRACKER-CVE-2026-25576

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jv4p-gjwq-9r2j2. https://github.com/ImageMagick/ImageMagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f3. https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.