CVE-2025-55160

Published: 13 Aug 2025
Source: debian
EPSS: Low

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

Packages

| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| imagemagick | fixed | 8:7.1.2.1+dfsg1-1 | | package |

Notes

  • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x

  • https://github.com/ImageMagick/ImageMagick/commit/63d8769dd6a8f32f4096c71be9e08a2c081e47da (7.1.2-1)

  • https://github.com/ImageMagick/ImageMagick6/commit/986bddf243da88768e8198ee07c758768c098108 (6.9.13-27)

  • Negligible security impact

EPSS

Percentile: 14%
0.00045
Low

Related vulnerabilities

CVSS3: 6.1
ubuntu
3 months ago

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

CVSS3: 6.1
redhat
3 months ago

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

CVSS3: 6.1
nvd
3 months ago

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

CVSS3: 6.1
github
3 months ago

ImageMagick has Undefined Behavior (function-type-mismatch) in CloneSplayTree

CVSS3: 6.1
fstec
4 months ago

Vulnerability in the ImageMagick command-line image editor, related to reliance on undefined, implementation-specific behavior, allowing an attacker to affect the confidentiality, integrity, and availability of protected information
