Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-55160

Опубликовано: 13 авг. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 6.1

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

РелизСтатусПримечание
devel

not-affected

8:7.1.2.3+dfsg1-1
esm-apps/focal

released

8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
esm-apps/jammy

released

8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
esm-apps/noble

released

8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
esm-infra-legacy/trusty

released

8:6.7.7.10-6ubuntu3.13+esm14
esm-infra/bionic

released

8:6.9.7.4+dfsg-16ubuntu6.15+esm5
esm-infra/xenial

released

8:6.8.9.9-7ubuntu5.16+esm13
jammy

needed

noble

needed

plucky

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 14%
0.00045
Низкий

6.1 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-55160

CVSS3: 6.1
redhat
3 месяца назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

nvd логотип

CVE-2025-55160

CVSS3: 6.1
nvd
3 месяца назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

debian логотип

CVE-2025-55160

CVSS3: 6.1
debian
3 месяца назад

ImageMagick is free and open-source software used for editing and mani ...

github логотип

GHSA-6hgw-6x87-578x

CVSS3: 6.1
github
3 месяца назад

ImageMagick has Undefined Behavior (function-type-mismatch) in CloneSplayTree

fstec логотип

BDU:2025-10859

CVSS3: 6.1
fstec
4 месяца назад

Уязвимость консольного графического редактора ImageMagick, связанная с зависимостью от неопределенного для каждого типа реализации поведения, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 14%
0.00045
Низкий

6.1 Medium

CVSS3