CVE-2025-46393

Name

CVE-2025-46393

Description

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
cve@mitre.org	https://github.com/ImageMagick/ImageMagick/commit/81ac8a0d2eb21739842ed18c48c7646b7eef65b8
cve@mitre.org	https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-44---2025-02-22

Match rules

CPE URI	Source package	Min version	Max version
	imagemagick	>= 0	< 7.1.1-44

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
imagemagick	edge-community	7.1.1.41-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.43-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.22-community	7.1.1.41-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable