VulnerableCode Package Details - pkg:nuget/Magick.NET-Q16-x86@14.10.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nuget/Magick.NET-Q16-x86@14.10.0

Essentials
History (1)

purl	pkg:nuget/Magick.NET-Q16-x86@14.10.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-b6r1-c2tq-47f2	ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only) The TIM (PSX TIM) image parser in ImageMagick contains a critical integer overflow vulnerability in the `ReadTIMImage` function (`coders/tim.c`). The code reads `width` and `height` (16-bit values) from the file header and calculates `image_size = 2 * width * height` without checking for overflow. On 32-bit systems (or where `size_t` is 32-bit), this calculation can overflow if `width` and `height` are large (e.g., 65535), wrapping around to a small value. This results in a small heap allocation via `AcquireQuantumMemory` and later operations relying on the dimensions can trigger an out of bounds read.	CVE-2025-66628 GHSA-6hjr-v6g4-3fm8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:49:07.480591+00:00	GitLab Importer	Fixing	VCID-b6r1-c2tq-47f2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Magick.NET-Q16-x86/CVE-2025-66628.yml	38.6.0