CVE-2025-55005

CVE-2025-55005

Name

CVE-2025-55005

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
CONFIRM	https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp
MISC	https://goo.gle/bigsleep

Type

URI

CONFIRM

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp

MISC

https://goo.gle/bigsleep

CPE URI	Source package	Min version	Max version
	imagemagick	>= 0	< 7.1.2-1

CPE URI

Source package

Min version

Max version

imagemagick

>= 0

< 7.1.2-1

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
imagemagick	edge-community	7.1.2.15-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.12-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.12-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.8-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.3-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.3-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.1-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.2.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.44-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.43-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.41-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.36-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.35-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.34-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.33-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.32-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.32-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.32-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.32-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.29-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.26-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.26-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.22-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.1.21-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.62-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.61-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.60-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.60-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.59-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.58-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.57-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.56-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.55-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.54-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.54-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.53-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.52-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.51-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.51-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.50-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.50-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.47-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.30-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.24-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.1.0.10-r0	None	possibly vulnerable
imagemagick	edge-community	7.1.0.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.0.11.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.0.11.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	edge-community	7.0.11.1-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.10.57-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.10.42-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.10.35-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.10.31-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.10.18-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.10.8-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.10.0-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.9.7-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.62-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.56-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.53-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.44-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.38-r0	None	possibly vulnerable
imagemagick	3.23-community	7.1.2.15-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.23-community	7.1.2.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.23-community	7.1.2.12-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.23-community	7.1.2.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.22-community	7.1.2.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.22-community	7.1.2.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.22-community	7.1.2.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.22-community	7.1.1.41-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
imagemagick	3.22-community	7.1.1.21-r0	None	possibly vulnerable
imagemagick	3.22-community	7.1.0.52-r0	None	possibly vulnerable
imagemagick	3.22-community	7.1.0.47-r0	None	possibly vulnerable
imagemagick	3.22-community	7.1.0.30-r0	None	possibly vulnerable
imagemagick	3.22-community	7.1.0.24-r0	None	possibly vulnerable
imagemagick	3.22-community	7.1.0.10-r0	None	possibly vulnerable
imagemagick	3.22-community	7.1.0.0-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.11.9-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.11.1-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.10.57-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.10.42-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.10.35-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.10.31-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.10.18-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.10.8-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.10.0-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.9.7-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.62-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.56-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.53-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.44-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.38-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages