GHSA-wh42-3hf2-jj9pLowCVSS 2.9

ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when...

Published
July 15, 2026
Last Modified
July 15, 2026

🔗 CVE IDs covered (1)

📋 Description

ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed (read past the profile boundary). This behavior occurs when debug output is enabled.

🔗 References (4)