CVE-2025-46393 | THREATINT

Description

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).

PUBLISHED Reserved 2025-04-23 | Published 2025-04-23 | Updated 2025-04-23 | Assigner mitre

LOW: 2.9CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-131 Incorrect Calculation of Buffer Size

Product status

Default status

unaffected

Any version before 7.1.1-44

affected

References

github.com/ImageMagick/Website/blob/main/ChangeLog.md

github.com/...ommit/81ac8a0d2eb21739842ed18c48c7646b7eef65b8

cve.org (CVE-2025-46393)

nvd.nist.gov (CVE-2025-46393)

Download JSON