ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service.
Metrics
Affected Vendors & Products
References
History
Mon, 13 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 12 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-125 | |
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Sat, 11 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service. | |
| Title | ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method | |
| First Time appeared |
Imagemagick
Imagemagick imagemagick |
|
| Weaknesses | CWE-122 | |
| CPEs | cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Imagemagick
Imagemagick imagemagick |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-13T14:34:41.530Z
Reserved: 2026-06-21T02:05:21.920Z
Link: CVE-2026-56372
Updated: 2026-07-13T14:34:36.719Z
No data.
OpenCVE Enrichment
Updated: 2026-07-12T22:15:04Z