logo

Database

Improper resource allocation In magick.net-q8-anycpu

Description

ImageMagick: Infinite loop vulnerability when parsing a PCD file When a PCD file does not contain a valid marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the marker, causing the program to become unresponsive and continuously consume CPU resources, ultimately leading to system resource exhaustion and denial of service.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 25

10

Aliases

1. CVE-2026-244852. NVD-2026-244853. OSV-2026-244854. OSV-DEBIAN-2026-244855. GHSA-pqgj-2p96-rx856. GCVE-2026-244857. SECURITY-TRACKER-CVE-2026-24485

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pqgj-2p96-rx852. https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff503. https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.