PT-2026-60152 · Imagemagick · Imagemagick
Bin-Infinite
·
Published
2026-07-15
·
Updated
2026-07-15
·
CVE-2026-61862
CVSS v3.1
2.9
Low
| Vector | AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed (read past the profile boundary). This behavior occurs when debug output is enabled.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Imagemagick