Search for vulnerabilities
Vulnerability details: VCID-bwe1-eu65-tyh5
Vulnerability ID VCID-bwe1-eu65-tyh5
Aliases CVE-2022-3213
Summary A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
Status Published
Exploitability 0.5
Weighted Severity 5.0
Risk 2.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-787 Out-of-bounds Write
System Score Found at
cvssv3 5.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3213.json
epss 0.00025 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00025 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00025 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00025 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00025 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00025 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
epss 0.00031 https://api.first.org/data/v1/epss?cve=CVE-2022-3213
cvssv3.1 5.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-3213
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3213.json
https://access.redhat.com/security/cve/CVE-2022-3213
https://api.first.org/data/v1/epss?cve=CVE-2022-3213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3213
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750
https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2
1021141 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021141
2126824 https://bugzilla.redhat.com/show_bug.cgi?id=2126824
cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
CVE-2022-3213 https://nvd.nist.gov/vuln/detail/CVE-2022-3213
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3213.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-3213
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.05478
EPSS Score 0.00025
Published At Sept. 16, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:31:33.827159+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.20/main.json 37.0.0