Primary

Context

ImageMagick MIFF Image Processing Depth Handling Vulnerability

Vulnerability

Patched

A vulnerability exists in ImageMagick versions prior to 7.1.1-44 within the MIFF image processing module. The issue arises from improper management of image depth after the SetQuantumFormat function is applied, which could potentially lead to unintended consequences in image processing.

Impact

Exploitation of this vulnerability could cause a denial-of-service condition by allowing an attacker to create images that, when processed, could lead to excessive resource consumption or application crashes.

Remediation

Users can upgrade to ImageMagick version 7.1.1-44 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ImageMagick MIFF Image Processing Depth Handling Vulnerability

Vulnerability

Impact

Remediation

Affected Products

ImageMagick

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating