Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2bcf-ssct-v3b9
Summary
ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile
A crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`.
Aliases
0
alias CVE-2026-26066
1
alias GHSA-v994-63cg-9wj3
Fixed_packages
0
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=aarch64&distroversion=v3.22&reponame=community
1
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=aarch64&distroversion=v3.23&reponame=community
2
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armhf&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=armhf&distroversion=v3.22&reponame=community
3
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armhf&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=armhf&distroversion=v3.23&reponame=community
4
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=armv7&distroversion=v3.22&reponame=community
5
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=armv7&distroversion=v3.23&reponame=community
6
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community
7
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community
8
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community
9
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
10
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=riscv64&distroversion=v3.22&reponame=community
11
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=riscv64&distroversion=v3.23&reponame=community
12
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=s390x&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=s390x&distroversion=v3.22&reponame=community
13
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=s390x&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=s390x&distroversion=v3.23&reponame=community
14
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=x86_64&distroversion=v3.22&reponame=community
15
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
16
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=x86&distroversion=v3.22&reponame=community
17
url pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/imagemagick@7.1.2.15-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick@7.1.2.15-r0%3Farch=x86&distroversion=v3.23&reponame=community
18
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-axx3-j8e3-8qgv
1
vulnerability VCID-fxh3-2w92-8qch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
19
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
20
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
21
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u9?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u9?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fxh3-2w92-8qch
1
vulnerability VCID-va53-u4q9-pkfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u9%3Fdistro=trixie
22
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
23
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u8?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fxh3-2w92-8qch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u8%3Fdistro=trixie
24
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
25
url pkg:deb/debian/imagemagick@8:7.1.2.23%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.23%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.23%252Bdfsg1-1%3Fdistro=trixie
26
url pkg:deb/debian/imagemagick@8:7.1.2.24%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.24%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.24%252Bdfsg1-1%3Fdistro=trixie
27
url pkg:nuget/agick.NET-Q8-x86@14.10.3
purl pkg:nuget/agick.NET-Q8-x86@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/agick.NET-Q8-x86@14.10.3
28
url pkg:nuget/Magick.NET-Q16-arm64@14.10.3
purl pkg:nuget/Magick.NET-Q16-arm64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q16-arm64@14.10.3
29
url pkg:nuget/Magick.NET-Q16-HDRI-arm64@14.10.3
purl pkg:nuget/Magick.NET-Q16-HDRI-arm64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q16-HDRI-arm64@14.10.3
30
url pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-arm64@14.10.3
purl pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-arm64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-arm64@14.10.3
31
url pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-x64@14.10.3
purl pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-x64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-x64@14.10.3
32
url pkg:nuget/Magick.NET-Q16-OpenMP-arm64@14.10.3
purl pkg:nuget/Magick.NET-Q16-OpenMP-arm64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q16-OpenMP-arm64@14.10.3
33
url pkg:nuget/Magick.NET-Q16-OpenMP-x64@14.10.3
purl pkg:nuget/Magick.NET-Q16-OpenMP-x64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q16-OpenMP-x64@14.10.3
34
url pkg:nuget/Magick.NET-Q16-OpenMP-x86@14.10.3
purl pkg:nuget/Magick.NET-Q16-OpenMP-x86@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q16-OpenMP-x86@14.10.3
35
url pkg:nuget/Magick.NET-Q8-arm64@14.10.3
purl pkg:nuget/Magick.NET-Q8-arm64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q8-arm64@14.10.3
36
url pkg:nuget/Magick.NET-Q8-OpenMP-arm64@14.10.3
purl pkg:nuget/Magick.NET-Q8-OpenMP-arm64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q8-OpenMP-arm64@14.10.3
37
url pkg:nuget/magick.net-q8-openmp-x64@14.10.3
purl pkg:nuget/magick.net-q8-openmp-x64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/magick.net-q8-openmp-x64@14.10.3
38
url pkg:nuget/Magick.NET-Q8-OpenMP-x64@14.10.3
purl pkg:nuget/Magick.NET-Q8-OpenMP-x64@14.10.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Magick.NET-Q8-OpenMP-x64@14.10.3
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26066.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26066.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26066
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05511
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26066
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
4
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
5
reference_url https://github.com/ImageMagick/ImageMagick/commit/880057ce34f6da9dff2fe3b290bbbc45b743e613
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/880057ce34f6da9dff2fe3b290bbbc45b743e613
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442142
reference_id 2442142
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442142
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26066
reference_id CVE-2026-26066
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26066
8
reference_url https://github.com/advisories/GHSA-v994-63cg-9wj3
reference_id GHSA-v994-63cg-9wj3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v994-63cg-9wj3
9
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v994-63cg-9wj3
reference_id GHSA-v994-63cg-9wj3
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v994-63cg-9wj3
10
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
Weaknesses
0
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
1
cwe_id 835
name Loop with Unreachable Exit Condition ('Infinite Loop')
description The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2bcf-ssct-v3b9