Magick.NET-Q16-HDRI-OpenMP-x64
NuGet49 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting Magick.NET-Q16-HDRI-OpenMP-x64page 1 of 1
- CVE-2023-1289MEDIUMCVSS 5.5EG 5.5✓ Fixed in 13.0.02023-03-23
vulnerable: 10.0.0 ... 9.1.2 (74 versions)
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, gene…
- CVE-2025-53014LOWCVSS 3.7EG 3.7✓ Fixed in 14.7.02025-07-14
vulnerable: 10.0.0 ... 9.1.2 (97 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one…
- CVE-2025-53015HIGHCVSS 7.5EG 7.5✓ Fixed in 14.7.02025-07-14
vulnerable: 10.0.0 ... 9.1.2 (97 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.
- CVE-2025-53019LOWCVSS 3.7EG 3.7✓ Fixed in 14.7.02025-07-14
vulnerable: 10.0.0 ... 9.1.2 (97 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in …
- CVE-2025-53101HIGHCVSS 7.4EG 7.4✓ Fixed in 14.7.02025-07-14
vulnerable: 10.0.0 ... 9.1.2 (97 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in…
- CVE-2025-55004HIGHCVSS 7.6EG 7.6✓ Fixed in 14.8.02025-08-13
vulnerable: 10.0.0 ... 9.1.2 (98 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when…
- CVE-2025-55154HIGHCVSS 8.8EG 8.8✓ Fixed in 14.8.02025-08-13
vulnerable: 10.0.0 ... 9.1.2 (98 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leadi…
- CVE-2025-55160MEDIUMCVSS 6.1EG 6.1✓ Fixed in 14.8.02025-08-13
vulnerable: 10.0.0 ... 9.1.2 (98 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a …
- CVE-2025-55212LOWCVSS 3.7EG 3.7✓ Fixed in 14.8.12025-08-26
vulnerable: 10.0.0 ... 9.1.2 (99 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set…
- CVE-2025-55298HIGHCVSS 7.5EG 7.5✓ Fixed in 14.8.12025-08-26
vulnerable: 10.0.0 ... 9.1.2 (99 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user inpu…
- CVE-2025-57807LOWCVSS 3.8EG 3.8✓ Fixed in 14.8.22025-09-05
vulnerable: 10.0.0 ... 9.1.2 (100 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end…
- CVE-2025-62594MEDIUMCVSS 5.5EG 4.72025-10-27
vulnerable: 10.0.0 ... 9.1.2 (102 versions)
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function…
- CVE-2025-65955MEDIUMCVSS 6.1EG 4.92025-12-02
vulnerable: 10.0.0 ... 9.1.2 (103 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked wi…
- CVE-2025-68469LOWCVSS 3.3EG 3.3✓ Fixed in 13.2.02025-12-18
vulnerable: 10.0.0 ... 9.1.2 (80 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue.
- CVE-2025-68618MEDIUMCVSS 5.3EG 5.3✓ Fixed in 14.10.12025-12-30
vulnerable: 10.0.0 ... 9.1.2 (104 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue.
- CVE-2025-68950MEDIUMCVSS 4.0EG 4.0✓ Fixed in 14.10.12025-12-30
vulnerable: 10.0.0 ... 9.1.2 (104 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerabil…
- CVE-2026-22770MEDIUMCVSS 6.5EG 6.5✓ Fixed in 14.10.22026-01-20
vulnerable: 10.0.0 ... 9.1.2 (105 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last ele…
- CVE-2026-23874MEDIUMCVSS 5.5EG 5.5✓ Fixed in 14.10.22026-01-20
vulnerable: 10.0.0 ... 9.1.2 (105 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL (Magick Scripting Language) `<write>` command when writing to MSL…
- CVE-2026-23952MEDIUMCVSS 6.5EG 6.5✓ Fixed in 14.10.22026-01-22
vulnerable: 10.0.0 ... 9.1.2 (105 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing <comment>…
- CVE-2026-25637MEDIUMCVSS 5.3EG 5.3✓ Fixed in 14.10.32026-02-24
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image th…
- CVE-2026-25638MEDIUMCVSS 5.3EG 5.3✓ Fixed in 14.10.32026-02-24
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in `coders/msl.c`. In the `WriteMSLImage` function of the `msl.c` file, resources a…
- CVE-2026-25965HIGHCVSS 7.5EG 7.5✓ Fixed in 14.10.32026-02-24
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem reso…
- CVE-2026-25968CRITICALCVSS 9.8EG 9.8✓ Fixed in 14.10.32026-02-24
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fix…
- CVE-2026-25969HIGHCVSS 7.5EG 7.5✓ Fixed in 14.10.32026-02-24
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a structure. However, when an exception …
- CVE-2026-25985HIGHCVSS 7.5EG 7.5✓ Fixed in 14.10.32026-02-24
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate ~674 GB o…
- CVE-2026-28691HIGHCVSS 7.5EG 7.5✓ Fixed in 14.10.42026-03-10
vulnerable: 10.0.0 ... 9.1.2 (107 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. …
- CVE-2026-28693HIGHCVSS 8.1EG 8.1✓ Fixed in 14.10.42026-03-10
vulnerable: 10.0.0 ... 9.1.2 (107 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixe…
- CVE-2026-42326MEDIUMCVSS 5.1EG 5.1✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file a malicious input file could cause an out of bounds read of a single …
- CVE-2026-45031MEDIUMCVSS 5.3EG 5.3✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in the PSD decoder it would be possible to bypass the list-length resource poli…
- CVE-2026-45358MEDIUMCVSS 5.3EG 5.3✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bounds read of a single byte in the meta e…
- CVE-2026-45359MEDIUMCVSS 5.7EG 5.7✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing…
- CVE-2026-45624MEDIUMCVSS 5.1EG 5.1✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifyi…
- CVE-2026-45664MEDIUMCVSS 5.3EG 5.3✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list lim…
- CVE-2026-46520HIGHCVSS 7.5EG 7.5✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This iss…
- CVE-2026-46521MEDIUMCVSS 5.5EG 5.5✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing chec…
- CVE-2026-46522HIGHCVSS 7.5EG 7.5✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in C…
- CVE-2026-46523MEDIUMCVSS 6.2EG 6.2✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue.
- CVE-2026-46557MEDIUMCVSS 6.2EG 6.2✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument. This issue…
- CVE-2026-46559MEDIUMCVSS 4.0EG 4.0✓ Fixed in 14.13.12026-05-18
vulnerable: 10.0.0 ... 9.1.2 (112 versions)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifyin…
- CVE-2026-56361HIGHCVSS 7.1EG 3.3✓ Fixed in 14.12.02026-07-01
vulnerable: 10.0.0 ... 9.1.2 (110 versions)
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory…
- CVE-2026-56362MEDIUMCVSS 4.2EG 3.3✓ Fixed in 14.10.32026-07-08
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation…
- CVE-2026-56364LOWCVSS 1.9EG 1.9✓ Fixed in 14.10.22026-07-01
vulnerable: 10.0.0 ... 9.1.2 (105 versions)
ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache …
- CVE-2026-56365MEDIUMCVSS 5.3EG 3.7✓ Fixed in 14.12.02026-07-01
vulnerable: 10.0.0 ... 9.1.2 (110 versions)
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
- CVE-2026-56367CRITICALCVSS 9.1EG 3.7✓ Fixed in 14.10.32026-06-21
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB …
- CVE-2026-56370HIGHCVSS 7.8EG 3.3✓ Fixed in 14.12.02026-04-14
vulnerable: 10.0.0 ... 9.1.2 (110 versions)
ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed c…
- CVE-2026-56371MEDIUMCVSS 5.3EG 5.3✓ Fixed in 14.10.32026-06-23
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each t…
- CVE-2026-56374HIGHCVSS 7.1EG 3.3✓ Fixed in 14.12.02026-07-08
vulnerable: 10.0.0 ... 9.1.2 (110 versions)
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image file…
- CVE-2026-56376LOWCVSS 3.3EG 3.7✓ Fixed in 14.10.32026-06-23
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image fi…
- CVE-2026-56379MEDIUMCVSS 5.5EG 5.5✓ Fixed in 14.10.32026-06-23
vulnerable: 10.0.0 ... 9.1.2 (106 versions)
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Gra…
Check whether Magick.NET-Q16-HDRI-OpenMP-x64 is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for Magick.NET-Q16-HDRI-OpenMP-x64 CVEs against the assets you own.
Start Free Scan →