VulnerableCode Package Details - pkg:nuget/Magick.NET-Q8-arm64@14.8.2

Search for packages

Package details: pkg:nuget/Magick.NET-Q8-arm64@14.8.2

Essentials
History (2)

purl	pkg:nuget/Magick.NET-Q8-arm64@14.8.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-hqmn-6g6z-bqak	ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.	CVE-2025-57807 GHSA-23hg-53q6-hqfg

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-09-09T19:34:21.688476+00:00	GHSA Importer	Fixing	VCID-hqmn-6g6z-bqak	https://github.com/advisories/GHSA-23hg-53q6-hqfg	37.0.0
2025-09-09T17:19:27.018906+00:00	GithubOSV Importer	Fixing	VCID-hqmn-6g6z-bqak	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/09/GHSA-23hg-53q6-hqfg/GHSA-23hg-53q6-hqfg.json	37.0.0