CVE-2026-23952

Опубликовано: 22 янв. 2026

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 6.5

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing tags before images are loaded. This can lead to DoS attack due to assertion failure (debug builds) or NULL pointer dereference (release builds). This issue is fixed in version 14.10.2.

Релиз	Статус	Примечание
devel	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/xenial	needs-triage
jammy	needs-triage
noble	needs-triage
questing	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 13%

0.00044

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2026-23952

CVSS3: 6.5

nvd

16 дней назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing <comment> tags before images are loaded. This can lead to DoS attack due to assertion failure (debug builds) or NULL pointer dereference (release builds). This issue is fixed in version 14.10.2.

CVE-2026-23952

CVSS3: 6.5

debian

16 дней назад

ImageMagick is free and open-source software used for editing and mani ...

GHSA-5vx3-wx4q-6cj8

CVSS3: 6.5

github

17 дней назад

ImageMagick has a NULL pointer dereference in MSL parser via <comment> tag before image load

SUSE-SU-2026:0384-1

suse-cvrf

3 дня назад

Security update for ImageMagick

EPSS

Процентиль: 13%

0.00044

Низкий

6.5 Medium

CVSS3

CVE-2026-23952

Описание

Пакет imagemagick

Ссылки на источники

Связанные уязвимости