Description
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service.
Problem types
Product status
Any version before 7.1.2-19
7.1.2-19 (semver)
Credits
e1abrador
References
github.com/...Magick/security/advisories/GHSA-8vfj-q2cp-5m5j (GitHub Security Advisory (GHSA-8vfj-q2cp-5m5j))
www.vulncheck.com/...ow-read-via-unrecognized-magnify-method (VulnCheck Advisory: ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method)