GHSA-84mh-5fq7-7fx5MediumCVSS 3.7

ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null...

Published
July 11, 2026
Last Modified
July 11, 2026

🔗 CVE IDs covered (1)

📋 Description

ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes.

🔗 References (4)