Primary

Context

ImageMagick Denial-of-Service Vulnerability in SVG Conversion

Vulnerability

Patched

A denial-of-service vulnerability has been identified in ImageMagick versions prior to 7.1.2-15 and 6.9.13-40. The issue arises because the software fails to properly validate multi-layer nested MVG (Magick Vector Graphics) conversions to SVG (Scalable Vector Graphics). This oversight can lead to a denial-of-service condition, where the application may become unresponsive or fail to process images as expected.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, causing the application to become unresponsive or fail to process images correctly.

Remediation

Users can upgrade to ImageMagick versions 7.1.2-15 or 6.9.13-40, both of which include the necessary patch to address this vulnerability.

Added: Feb 24, 2026, 1:40 AM

Updated: Feb 24, 2026, 1:40 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.0

remediation

7.7

relevance

3.1

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.0

remediation

7.7

relevance

3.1

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ImageMagick Denial-of-Service Vulnerability in SVG Conversion

Vulnerability

Impact

Remediation

Affected Products

ImageMagick

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating