Description
ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any writer calling GetPixelIndex.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Wed, 08 Jul 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any writer calling GetPixelIndex. | |
| Title | ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization | |
| First Time appeared |
Imagemagick
Imagemagick imagemagick |
|
| Weaknesses | CWE-125 | |
| CPEs | cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Imagemagick
Imagemagick imagemagick |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-08T13:49:04.142Z
Reserved: 2026-06-20T21:16:53.711Z
Link: CVE-2026-56362
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-125
Out-of-bounds Read