Impact
ImageMagick processes image files, and a flaw in its YUV 4:2:2 decoder writes one pixel beyond the allocated row buffer during the pixel‑pair loop, creating a heap buffer overflow. This out‑of‑bounds write can corrupt adjacent heap memory; from the description it is inferred that an attacker could cause a denial‑of‑service crash or, if the memory corruption proves exploitable, arbitrary‑code execution. The weakness is classified as CWE‑787 (Out‑of‑Bounds Write) and CWE‑805 (Incorrect Calculation or Use of Buffer Size). The inferred primary attack vector is supplying a maliciously crafted YUV 4:2:2 image to any component that invokes ImageMagick’s decoder. Any process or service that performs image manipulation with ImageMagick without restricting the accepted input formats can therefore be affected.
Affected Systems
The CNA identifies the vendor as ImageMagick and the product as ImageMagick. Affected are all releases earlier than 7.1.2‑15 in the 7.x branch and earlier than 6.9.13‑40 in the 6.x branch. These versions are widely deployed on Linux distributions, macOS, Windows, and embedded systems that use ImageMagick for image processing.
Risk and Exploitability
The CVSS score of 5.3 indicates moderate severity, while the EPSS value of less than 1% signifies a very low probability of exploitation at the time of this analysis. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to supply a specially crafted YUV 4:2:2 file to a vulnerable ImageMagick instance; the heap overflow occurs in the pixel‑pair loop, which writes one pixel beyond the allocated row buffer. Based on the code path described, the flaw can be triggered by submitting such a file to any image‑processing routine that uses the YUV 4:2:2 decoder. The impact of exploitation ranges from an application crash to, depending on exploit feasibility, arbitrary code execution.
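As an added illustration of the bug class described in the Impact and Risk sections (constructed for this page, not ImageMagick's code and not a reproduction of the actual flaw), a C model of a YUV 4:2:2 row decoder: `pair_loop_last_index` shows how a loop that steps two pixels at a time lands one pixel past a row buffer of odd width, and `decode_yuv422_row` is the hardened form that checks the input size first (CWE‑805) and never emits the phantom pixel. The UYVY byte order (U Y0 V Y1), the `ycbcr_pixel` type and the function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* One decoded pixel (constructed type for this example). */
typedef struct { uint8_t y, u, v; } ycbcr_pixel;

/* Model of the flawed pattern: a pair loop that steps two pixels at a time
   and always writes both pixels of the pair. For an odd width the second
   write of the last pair lands at index `columns`, one pixel past a row
   buffer of `columns` entries. This function only computes the highest
   index such a loop would write, so the overrun is observed, not executed. */
size_t pair_loop_last_index(size_t columns)
{
    size_t last = 0;
    for (size_t x = 0; x < columns; x += 2) {
        last = x + 1;          /* second pixel of the pair */
    }
    return last;
}

/* Hardened row decoder. Packed YUV 4:2:2 (assumed UYVY order) stores 4 bytes
   U Y0 V Y1 per pair of pixels; an odd width still consumes a full 4-byte
   pair on input but must emit only one pixel for it. Returns 0 on success,
   -1 if `in` is too short for `columns` pixels. Never writes past
   out[columns - 1]. */
int decode_yuv422_row(const uint8_t *in, size_t in_len,
                      ycbcr_pixel *out, size_t columns)
{
    size_t pairs = (columns + 1) / 2;           /* round up for odd width */
    if (in_len < pairs * 4)                     /* validate size before use */
        return -1;
    for (size_t p = 0; p < pairs; p++) {
        const uint8_t *q = in + p * 4;
        size_t x = p * 2;
        out[x].u = q[0]; out[x].y = q[1]; out[x].v = q[2];
        if (x + 1 < columns) {                  /* drop the phantom pixel */
            out[x + 1].u = q[0]; out[x + 1].y = q[3]; out[x + 1].v = q[2];
        }
    }
    return 0;
}
```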
OpenCVE Enrichment