Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-53101

Опубликовано: 14 июл. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.4

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick mogrify command, specifying multiple consecutive %d format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through vsnprintf(). Versions 7.1.2-0 and 6.9.13-26 fix the issue.

РелизСтатусПримечание
devel

not-affected

8:7.1.2.3+dfsg1-1
esm-apps/focal

released

8:6.9.10.23+dfsg-2.1ubuntu11.11+esm2
esm-apps/jammy

released

8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm2
esm-apps/noble

released

8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm1
esm-infra-legacy/trusty

released

8:6.7.7.10-6ubuntu3.13+esm13
esm-infra/bionic

released

8:6.9.7.4+dfsg-16ubuntu6.15+esm4
esm-infra/xenial

released

8:6.8.9.9-7ubuntu5.16+esm12
jammy

needed

noble

needed

plucky

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 17%
0.00054
Низкий

7.4 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-53101

CVSS3: 6.5
redhat
5 месяцев назад

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.

nvd логотип

CVE-2025-53101

CVSS3: 7.4
nvd
5 месяцев назад

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.

debian логотип

CVE-2025-53101

CVSS3: 7.4
debian
5 месяцев назад

ImageMagick is free and open-source software used for editing and mani ...

github логотип

GHSA-qh3h-j545-h8c9

CVSS3: 7.4
github
4 месяца назад

ImageMagick has a Stack Buffer Overflow in image.c

fstec логотип

BDU:2025-10876

CVSS3: 7.5
fstec
5 месяцев назад

Уязвимость функции vsnprintf() консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 17%
0.00054
Низкий

7.4 High

CVSS3