GHSA-vgqj-4jhr-3wh5MediumCVSS 3.7

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the...

Published
July 1, 2026
Last Modified
July 1, 2026

🔗 CVE IDs covered (1)

📋 Description

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.

🔗 References (4)