CVE-2022-44267
published 2023-02-06


Priority: P357
CVSS 3.1: 6.5 (medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 76.58% (99.5th percentile)
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.

Affected

6 ranges

Vendor       | Product     | Version range                              | Fixed in
debian       | imagemagick | < imagemagick 8:6.9.11.60+dfsg-1.6 (bookworm) | imagemagick 8:6.9.11.60+dfsg-1.6 (bookworm)
imagemagick  | imagemagick | (not specified)                            | (not specified)
imagemagick  | imagemagick | >= 0 < 8:6.9.11.60+dfsg-1.3+deb11u1        | 8:6.9.11.60+dfsg-1.3+deb11u1
imagemagick  | imagemagick | >= 0 < 8:6.9.11.60+dfsg-1.6                | 8:6.9.11.60+dfsg-1.6
imagemagick  | imagemagick | >= 0 < 8:6.9.11.60+dfsg-1.6                | 8:6.9.11.60+dfsg-1.6
imagemagick  | imagemagick | >= 0 < 8:6.9.11.60+dfsg-1.6                | 8:6.9.11.60+dfsg-1.6

Detection & IOCs

command: convert <malicious.png> -resize ...
  • Monitor ImageMagick 'convert' processes that hang indefinitely (blocking on stdin) when processing user-supplied PNG files — this is the observable DoS symptom.
  • Beyond DoS, the same vector may allow arbitrary file content disclosure by embedding filenames of local files in the PNG text chunk, causing ImageMagick to read and include them into output images.
  • The vulnerability affects ImageMagick 7.1.0-49 specifically; patched Debian packages are available (fixed in 8:6.9.11.60+dfsg-1.6 for bookworm/sid/trixie/forky and 8:6.9.11.60+dfsg-1.3+deb11u1 for bullseye). Red Hat Enterprise Linux 6 and 7 packages are out of support scope.

CVSS provenance

Source        | Version | Score | Severity | Vector
nvd           | v3.1    | 6.5   | MEDIUM   | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv           |         | 6.5   | MEDIUM   |
vendor_debian |         | 6.5   | MEDIUM   |
vendor_redhat |         | 6.5   | MEDIUM   |