Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-25798

Опубликовано: 24 фев. 2026
Источник: debian
EPSS Низкий

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
imagemagickfixed8:7.1.2.15+dfsg1-1package

Примечания

  • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p863-5fgm-rgq4

  • Fixed by: https://github.com/ImageMagick/ImageMagick/commit/16dd3158ce197c6f65e7798a7a5cc4538bb0303e (7.1.2-14)

  • Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/93a38e3a7bfb7a492409275321eca94df7cd03a7 (6.9.13-39)

EPSS

Процентиль: 34%
0.00139
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2026-25798

CVSS3: 5.3
ubuntu
около 1 месяца назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

redhat логотип

CVE-2026-25798

CVSS3: 5.3
redhat
около 1 месяца назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

nvd логотип

CVE-2026-25798

CVSS3: 5.3
nvd
около 1 месяца назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

github логотип

GHSA-p863-5fgm-rgq4

CVSS3: 5.3
github
около 1 месяца назад

ImageMagick has NULL Pointer Dereference in ClonePixelCacheRepository via crafted image

suse-cvrf логотип

SUSE-SU-2026:0853-1

suse-cvrf
19 дней назад

Security update for ImageMagick

EPSS

Процентиль: 34%
0.00139
Низкий