VulnerableCode Package Details - pkg:nuget/Magick.NET-Q8-OpenMP-x64@14.10.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nuget/Magick.NET-Q8-OpenMP-x64@14.10.4

Essentials
History (34)

purl	pkg:nuget/Magick.NET-Q8-OpenMP-x64@14.10.4

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (17)

Vulnerability	Summary	Aliases
VCID-1cpn-zvem-v7gt	ImageMagick has uninitialized pointer dereference in JBIG decoder An uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check.	CVE-2026-28691 GHSA-wj8w-pjxf-9g4f
VCID-2zje-ag2v-7kac	ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur. ``` ================================================================= ==741961==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000083dc at pc 0x56553b4c4245 bp 0x7ffd9d20fef0 sp 0x7ffd9d20fee0 WRITE of size 1 at 0x5020000083dc thread T0 ```	CVE-2026-30937 GHSA-qpg4-j99f-8xcg
VCID-54da-fzyt-4ud2	ImageMagick has stack write buffer overflow in MNG encoder A stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data. ``` ==2265506==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffec4971310 at pc 0x55e671b8a072 bp 0x7ffec4970f70 sp 0x7ffec4970f68 WRITE of size 1 at 0x7ffec4971310 thread T0 ```	CVE-2026-28690 GHSA-7h7q-j33q-hvpf
VCID-6h7x-3rue-kucp	ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder In MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. ``` ================================================================= ==969652==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000003b40 at pc 0x555557b2a926 bp 0x7fffffff4c80 sp 0x7fffffff4c70 READ of size 8 at 0x506000003b40 thread T0 ```	CVE-2026-28692 GHSA-mrmj-x24c-wwcv
VCID-bw4q-dt1r-y3e4	ImageMagick has heap-based buffer overflow in UHDR encoder A heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write. ``` ================================================================ ==2158399==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x521000039500 at pc 0x562a4a42f968 bp 0x7ffcca4ed6c0 sp 0x7ffcca4ed6b0 WRITE of size 1 at 0x521000039500 thread T0 ```	CVE-2026-30931 GHSA-h95r-c8c7-mrwx
VCID-cuhw-ew1g-s3h2	ImageMagick has Heap Use-After-Free in ImageMagick MSL decoder A heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. ``` ================================================================= ==1500633==ERROR: AddressSanitizer: heap-use-after-free on address 0x527000011550 at pc 0x5612583fa212 bp 0x7ffedb86d160 sp 0x7ffedb86d150 READ of size 8 at 0x527000011550 thread T0 ```	CVE-2026-28687 GHSA-fpvf-frm6-625q
VCID-dabd-m3mf-3ker	ImageMagick has Heap Buffer Over-Read in BilateralBlurImage BilateralBlurImage contains a heap buffer over-read caused by an incorrect conversion. When processing a crafted image with the `-bilateral-blur` operation an out of bounds read can occur. ``` ================================================================= ==676172==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50a0000079c0 at pc 0x57b483c722f7 bp 0x7fffc0acd380 sp 0x7fffc0acd370 READ of size 4 at 0x50a0000079c0 thread T0 ```	CVE-2026-30935 GHSA-cqw9-w2m7-r2m2
VCID-g41y-dv8u-3yf1	ImageMagick has Heap Buffer Overflow in WaveletDenoiseImage A crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. ``` ================================================================= ==661320==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x503000002754 at pc 0x5ff45f82c92a bp 0x7fffb732b400 sp 0x7fffb732b3f0 WRITE of size 4 at 0x503000002754 thread T0 ```	CVE-2026-30936 GHSA-5ggv-92r5-cp4p
VCID-n47w-r932-abey	ImageMagick is vulnerable to Heap Overflow when writing extremely large image profile in the PNG encoder An extremely large image profile could result in a heap overflow when encoding a PNG image.	CVE-2026-30883 GHSA-qmw5-2p58-xvrc
VCID-r3vw-ncns-cqgb	ImageMagick is vulnerable to heap buffer over-write on 32-bit systems in SFW decoder An overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images.	CVE-2026-31853 GHSA-56jp-jfqg-f8f4
VCID-rbdg-vz8x-ykah	ImageMagick has heap use-after-free in the MSL encoder A heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. ``` SUMMARY: AddressSanitizer: heap-use-after-free MagickCore/image.c:1195 in DestroyImage Shadow bytes around the buggy address: 0x0a4e80007450: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0a4e80007460: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0a4e80007470: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0a4e80007480: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0a4e80007490: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd =>0x0a4e800074a0: fd fd fd fd fd fd fd fd fd fd[fd]fd fd fd fd fd 0x0a4e800074b0: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa 0x0a4e800074c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0a4e800074d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0a4e800074e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0a4e800074f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa ```	CVE-2026-28688 GHSA-xxw5-m53x-j38c
VCID-rj9n-ra1t-77dy	ImageMagick has stack buffer overflow in MagnifyImage MagnifyImage uses a fixed-size stack buffer. When using a specific image it is possible to overflow this buffer and corrupt the stack.	CVE-2026-30929 GHSA-rqq8-jh93-f4vg
VCID-rjkf-pdny-2fhn	ImageMagick vulnerable to stack corruption through long morphology kernel names or arrays A stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption.	CVE-2026-28494 GHSA-932h-jw47-73jm
VCID-sw7g-hxxr-n3e1	ImageMagick has a Path Policy TOCTOU symlink race bypass `domain="path"` authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write.	CVE-2026-28689 GHSA-493f-jh8w-qhx3
VCID-x8c6-9pse-xkc8	ImageMagick: Integer overflow in DIB coder can result in out of bounds read or write An integer overflow in DIB coder can result in out of bounds read or write	CVE-2026-28693 GHSA-hffp-q43q-qq76
VCID-y58b-be93-hbfd	ImageMagick: Write heap-buffer-overflow in PCL encoder via undersized output buffer A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation. ``` WRITE of size 1 at 0x7e79f91f31a0 thread T0 ```	CVE-2026-28686 GHSA-467j-76j7-5885
VCID-zpcy-nms7-kuha	ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder An integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted mage.	CVE-2026-28493 GHSA-r39q-jr8h-gcq2

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-02T17:01:03.266627+00:00	GHSA Importer	Fixing	VCID-2zje-ag2v-7kac	https://github.com/advisories/GHSA-qpg4-j99f-8xcg	38.1.0
2026-04-02T17:01:03.037639+00:00	GHSA Importer	Fixing	VCID-g41y-dv8u-3yf1	https://github.com/advisories/GHSA-5ggv-92r5-cp4p	38.1.0
2026-04-02T17:01:02.299313+00:00	GHSA Importer	Fixing	VCID-dabd-m3mf-3ker	https://github.com/advisories/GHSA-cqw9-w2m7-r2m2	38.1.0
2026-04-02T17:01:02.041300+00:00	GHSA Importer	Fixing	VCID-bw4q-dt1r-y3e4	https://github.com/advisories/GHSA-h95r-c8c7-mrwx	38.1.0
2026-04-02T17:01:01.480319+00:00	GHSA Importer	Fixing	VCID-rj9n-ra1t-77dy	https://github.com/advisories/GHSA-rqq8-jh93-f4vg	38.1.0
2026-04-02T17:01:01.286787+00:00	GHSA Importer	Fixing	VCID-x8c6-9pse-xkc8	https://github.com/advisories/GHSA-hffp-q43q-qq76	38.1.0
2026-04-02T17:01:00.627307+00:00	GHSA Importer	Fixing	VCID-1cpn-zvem-v7gt	https://github.com/advisories/GHSA-wj8w-pjxf-9g4f	38.1.0
2026-04-02T17:01:00.312593+00:00	GHSA Importer	Fixing	VCID-54da-fzyt-4ud2	https://github.com/advisories/GHSA-7h7q-j33q-hvpf	38.1.0
2026-04-02T17:00:59.771522+00:00	GHSA Importer	Fixing	VCID-rbdg-vz8x-ykah	https://github.com/advisories/GHSA-xxw5-m53x-j38c	38.1.0
2026-04-02T17:00:59.366882+00:00	GHSA Importer	Fixing	VCID-cuhw-ew1g-s3h2	https://github.com/advisories/GHSA-fpvf-frm6-625q	38.1.0
2026-04-01T16:08:34.205618+00:00	GHSA Importer	Fixing	VCID-y58b-be93-hbfd	https://github.com/advisories/GHSA-467j-76j7-5885	38.0.0
2026-04-01T16:08:34.134403+00:00	GHSA Importer	Fixing	VCID-rjkf-pdny-2fhn	https://github.com/advisories/GHSA-932h-jw47-73jm	38.0.0
2026-04-01T16:08:33.567828+00:00	GHSA Importer	Fixing	VCID-zpcy-nms7-kuha	https://github.com/advisories/GHSA-r39q-jr8h-gcq2	38.0.0
2026-04-01T16:08:27.557844+00:00	GHSA Importer	Fixing	VCID-r3vw-ncns-cqgb	https://github.com/advisories/GHSA-56jp-jfqg-f8f4	38.0.0
2026-04-01T16:08:27.029746+00:00	GHSA Importer	Fixing	VCID-n47w-r932-abey	https://github.com/advisories/GHSA-qmw5-2p58-xvrc	38.0.0
2026-04-01T16:08:26.748999+00:00	GHSA Importer	Fixing	VCID-6h7x-3rue-kucp	https://github.com/advisories/GHSA-mrmj-x24c-wwcv	38.0.0
2026-04-01T16:08:26.535695+00:00	GHSA Importer	Fixing	VCID-sw7g-hxxr-n3e1	https://github.com/advisories/GHSA-493f-jh8w-qhx3	38.0.0
2026-04-01T12:54:08.770927+00:00	GithubOSV Importer	Fixing	VCID-dabd-m3mf-3ker	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-cqw9-w2m7-r2m2/GHSA-cqw9-w2m7-r2m2.json	38.0.0
2026-04-01T12:54:02.805891+00:00	GithubOSV Importer	Fixing	VCID-6h7x-3rue-kucp	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-mrmj-x24c-wwcv/GHSA-mrmj-x24c-wwcv.json	38.0.0
2026-04-01T12:53:58.445450+00:00	GithubOSV Importer	Fixing	VCID-n47w-r932-abey	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-qmw5-2p58-xvrc/GHSA-qmw5-2p58-xvrc.json	38.0.0
2026-04-01T12:53:53.821424+00:00	GithubOSV Importer	Fixing	VCID-x8c6-9pse-xkc8	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-hffp-q43q-qq76/GHSA-hffp-q43q-qq76.json	38.0.0
2026-04-01T12:53:53.512472+00:00	GithubOSV Importer	Fixing	VCID-zpcy-nms7-kuha	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-r39q-jr8h-gcq2/GHSA-r39q-jr8h-gcq2.json	38.0.0
2026-04-01T12:53:48.539921+00:00	GithubOSV Importer	Fixing	VCID-y58b-be93-hbfd	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-467j-76j7-5885/GHSA-467j-76j7-5885.json	38.0.0
2026-04-01T12:53:47.171908+00:00	GithubOSV Importer	Fixing	VCID-g41y-dv8u-3yf1	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-5ggv-92r5-cp4p/GHSA-5ggv-92r5-cp4p.json	38.0.0
2026-04-01T12:53:45.226042+00:00	GithubOSV Importer	Fixing	VCID-rjkf-pdny-2fhn	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-932h-jw47-73jm/GHSA-932h-jw47-73jm.json	38.0.0
2026-04-01T12:53:40.020702+00:00	GithubOSV Importer	Fixing	VCID-54da-fzyt-4ud2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-7h7q-j33q-hvpf/GHSA-7h7q-j33q-hvpf.json	38.0.0
2026-04-01T12:53:38.351210+00:00	GithubOSV Importer	Fixing	VCID-sw7g-hxxr-n3e1	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-493f-jh8w-qhx3/GHSA-493f-jh8w-qhx3.json	38.0.0
2026-04-01T12:53:37.765402+00:00	GithubOSV Importer	Fixing	VCID-r3vw-ncns-cqgb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-56jp-jfqg-f8f4/GHSA-56jp-jfqg-f8f4.json	38.0.0
2026-04-01T12:53:33.791816+00:00	GithubOSV Importer	Fixing	VCID-2zje-ag2v-7kac	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-qpg4-j99f-8xcg/GHSA-qpg4-j99f-8xcg.json	38.0.0
2026-04-01T12:53:26.434689+00:00	GithubOSV Importer	Fixing	VCID-rj9n-ra1t-77dy	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-rqq8-jh93-f4vg/GHSA-rqq8-jh93-f4vg.json	38.0.0
2026-04-01T12:53:20.506405+00:00	GithubOSV Importer	Fixing	VCID-rbdg-vz8x-ykah	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-xxw5-m53x-j38c/GHSA-xxw5-m53x-j38c.json	38.0.0
2026-04-01T12:53:17.110641+00:00	GithubOSV Importer	Fixing	VCID-bw4q-dt1r-y3e4	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-h95r-c8c7-mrwx/GHSA-h95r-c8c7-mrwx.json	38.0.0
2026-04-01T12:53:14.883758+00:00	GithubOSV Importer	Fixing	VCID-1cpn-zvem-v7gt	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-wj8w-pjxf-9g4f/GHSA-wj8w-pjxf-9g4f.json	38.0.0
2026-04-01T12:53:14.235007+00:00	GithubOSV Importer	Fixing	VCID-cuhw-ew1g-s3h2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-fpvf-frm6-625q/GHSA-fpvf-frm6-625q.json	38.0.0