CVE-2020-25663
low-risk
Published 2020-12-08
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image file to be processed by ImageMagick and could lead to denial of service. It likely would not lead to anything further because the memory is used as pixel data and not e.g. a function pointer. This flaw affects ImageMagick versions prior to 7.0.9-0.
Do I need to act?
- EPSS score: 0.17% chance of exploitation (low exploit probability)
- Not on CISA KEV list: no confirmed active exploitation reported to CISA
- Patch status unknown: check vendor advisories for fix availability and mitigation guidance
- CVSS 5.5/10 (Medium): LOCAL / LOW complexity
Affected Products (1)
Affected Vendors
References (6)
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1891601
Third Party Advisory
https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153
Risk score: 24 / 100 (low-risk)
- Severity: 18/34 · Moderate
- Exploitability: 1/34 · Minimal
- Exposure: 5/34 · Minimal