ImageMagick
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*
- < 7.1.2-26
- < 6.9.13-51
A memory leak vulnerability has been identified in ImageMagick versions prior to 7.1.2-26 and 6.9.13-51. The issue arises in the ICON decoder when a memory allocation fails, leading to leaked memory. This vulnerability could be exploited by processing a crafted ICON file that triggers the allocation failure, potentially causing a denial-of-service condition.
Exploitation of this vulnerability leads to a memory leak, which can cause a denial-of-service condition by exhausting available memory resources.
Users can upgrade to ImageMagick versions 7.1.2-26 or 6.9.13-51 to address this vulnerability.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.