PT-2025-32996 · Unknown+5 · Imagemagick+5

Published: 2025-04-08 · Updated: 2025-09-12 · CVE-2025-55005

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-1
Description: ImageMagick is software used for editing and manipulating digital images. A memory corruption issue occurs when preparing to transform from Log to sRGB colorspaces, specifically when the reference-black or reference-white value is larger than 1024. This results in corrupting memory beyond the allocated logmap buffer.
Recommendations: Update to version 7.1.2-1 or later.

Exploit

Fix

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2025-11045
BDU:2025-10858
CVE-2025-55005
DSA-5997-1
GHSA-V393-38QX-V8FP
OESA-2025-2193
OESA-2025-2194
OESA-2025-2196
OESA-2025-2197
OESA-2025-2247
SUSE-SU-2025:03113-1
SUSE-SU-2025:03150-1
SUSE-SU-2025:03151-1
SUSE-SU-2025:03152-1
SUSE-SU-2025:03164-1
SUSE-SU-2025_03113-1
SUSE-SU-2025_03150-1
SUSE-SU-2025_03151-1
SUSE-SU-2025_03152-1
SUSE-SU-2025_03164-1

Affected Products

ALT Linux
Astra Linux
Debian
ImageMagick
RED OS
SUSE