GHSA-h36c-3666-h489MediumCVSS 5.5

ImageMagick Vulnerable to Stack Overflow in its MVG Decoder

Published
June 25, 2026
Last Modified
June 25, 2026

🔗 CVE IDs covered (1)

📋 Description

A crafted MVG file could result in a stack overflow due to a missing depth or visited-set check.

🎯 Affected products17

  • nuget/Magick.NET-Q16-AnyCPU:< 14.14.0
  • nuget/Magick.NET-Q16-HDRI-AnyCPU:< 14.14.0
  • nuget/Magick.NET-Q16-HDRI-OpenMP-arm64:< 14.14.0
  • nuget/Magick.NET-Q16-HDRI-arm64:< 14.14.0
  • nuget/Magick.NET-Q16-HDRI-x64:< 14.14.0
  • nuget/Magick.NET-Q16-HDRI-x86:< 14.14.0
  • nuget/Magick.NET-Q16-OpenMP-arm64:< 14.14.0
  • nuget/Magick.NET-Q16-OpenMP-x64:< 14.14.0
  • nuget/Magick.NET-Q16-arm64:< 14.14.0
  • nuget/Magick.NET-Q16-x64:< 14.14.0
  • nuget/Magick.NET-Q16-x86:< 14.14.0
  • nuget/Magick.NET-Q8-AnyCPU:< 14.14.0
  • nuget/Magick.NET-Q8-OpenMP-arm64:< 14.14.0
  • nuget/Magick.NET-Q8-OpenMP-x64:< 14.14.0
  • nuget/Magick.NET-Q8-arm64:< 14.14.0
  • nuget/Magick.NET-Q8-x64:< 14.14.0
  • nuget/Magick.NET-Q8-x86:< 14.14.0

🔗 References (4)