GHSA-4h5w-9gq6-38f8MediumCVSS 3.3

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of...

Published
July 1, 2026
Last Modified
July 1, 2026

🔗 CVE IDs covered (1)

📋 Description

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations.

🔗 References (4)