ImageMagick Bilateral Blur Image Method Invalid Pointer Release Vulnerability

Vulnerability

A vulnerability exists in the BilateralBlurImage method of ImageMagick versions prior to 7.1.2-13. The issue arises because the last element in a set of double buffers allocated by the method is not properly initialized. This flaw can lead to the release of an invalid pointer in the DestroyBilateralTLS function when memory allocation fails, potentially causing a crash or other unintended behavior.
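The failure mode described above, as an added example: this is a simplified model, not ImageMagick's source. The names `xalloc`, `acquire_buffers`, `destroy_buffers` and `run_case` are hypothetical, and the layout (a pointer table with one slot more than the per-thread buffers, walked in full by cleanup) is an assumption made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed fault injection: the fail_at-th xalloc() call fails (0 = never). */
static int fail_at, calls, live, last_null;
static void *xalloc(size_t n) {
    if (fail_at && ++calls == fail_at) return NULL;
    void *p = malloc(n);
    if (p) live++;
    return p;
}
static void xfree(void *p) { if (p) { free(p); live--; } }

/* Cleanup walks every slot of the table, including the extra last one. */
static double **destroy_buffers(double **bufs, size_t slots) {
    for (size_t i = 0; i < slots; i++) xfree(bufs[i]);
    xfree(bufs);
    return NULL;
}

static double **acquire_buffers(size_t threads, size_t len) {
    size_t slots = threads + 1;               /* assumed: one extra slot */
    double **bufs = xalloc(slots * sizeof *bufs);
    if (!bufs) return NULL;
    /* Flawed pattern: clearing only `threads` entries leaves bufs[threads]
       indeterminate, so the error path frees a garbage pointer. Hardened: */
    for (size_t i = 0; i < slots; i++) bufs[i] = NULL;
    for (size_t i = 0; i < threads; i++) {
        bufs[i] = xalloc(len * sizeof **bufs);
        if (!bufs[i]) return destroy_buffers(bufs, slots);  /* error path */
    }
    return bufs;
}

/* Runs one acquire with the given failing call; returns allocations still live. */
int run_case(size_t threads, int failing_call) {
    calls = live = 0; fail_at = failing_call;
    double **b = acquire_buffers(threads, 64);
    last_null = (b == NULL);
    if (b) destroy_buffers(b, threads + 1);
    return live;
}

int main(void) {
    for (int f = 0; f <= 6; f++) {
        int leaked = run_case(4, f);
        printf("fail_at=%d leaked=%d returned_null=%d\n", f, leaked, last_null);
    }
}
```

Building the model with AddressSanitizer (`-fsanitize=address`) and injecting a failure at each allocation in turn is a practical way to check that every error path releases only pointers it actually owns.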

Impact

Exploitation of this vulnerability results in a release of an invalid pointer, which can lead to undefined behavior such as a program crash or memory corruption.

Remediation

Users can upgrade to ImageMagick version 7.1.2-13 or later to address this vulnerability.

Added: Jan 20, 2026, 1:31 AM
Updated: Jan 20, 2026, 1:31 AM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 2.2
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.