CVE-2025-53101
published 2025-07-14CVE-2025-53101: ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's…
PriorityP259critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.79%
51.7th percentile
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | imagemagick | < imagemagick 8:6.9.11.60+dfsg-1.6+deb12u4 (bookworm) | imagemagick 8:6.9.11.60+dfsg-1.6+deb12u4 (bookworm) |
| imagemagick | imagemagick | < 7.1.2-0 | 7.1.2-0 |
| imagemagick | imagemagick | < 6.9.13-26 | 6.9.13-26 |
| imagemagick | imagemagick | >= 0 < 8:6.9.11.60+dfsg-1.3+deb11u6 | 8:6.9.11.60+dfsg-1.3+deb11u6 |
| imagemagick | imagemagick | >= 0 < 8:6.9.11.60+dfsg-1.6+deb12u4 | 8:6.9.11.60+dfsg-1.6+deb12u4 |
| imagemagick | imagemagick | >= 0 < 8:7.1.1.43+dfsg1-1+deb13u1 | 8:7.1.1.43+dfsg1-1+deb13u1 |
| imagemagick | imagemagick | >= 0 < 8:7.1.1.47+dfsg1-2 | 8:7.1.1.47+dfsg1-2 |
| imagemagick | imagemagick | >= 0 < 8:6.7.7.10-6ubuntu3.13+esm13 | 8:6.7.7.10-6ubuntu3.13+esm13 |
| imagemagick | imagemagick | >= 0 < 8:6.8.9.9-7ubuntu5.16+esm12 | 8:6.8.9.9-7ubuntu5.16+esm12 |
| imagemagick | imagemagick | >= 0 < 8:6.9.7.4+dfsg-16ubuntu6.15+esm4 | 8:6.9.7.4+dfsg-16ubuntu6.15+esm4 |
| imagemagick | imagemagick | >= 0 < 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm2 | 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm2 |
| imagemagick | imagemagick | >= 0 < 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm2 | 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm2 |
| imagemagick | imagemagick | >= 0 < 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm1 | 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm1 |
| imagemagick | imagemagick | >= 7.0.0-0 < 7.1.2-0 | 7.1.2-0 |
| msrc | azl3_kernel_6.6.57.1-7_on_azure_linux_3.0 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Trigger condition: multiple consecutive `%d` format specifiers in a filename template passed to `magick mogrify` command cause stack buffer overflow via `vsnprintf()` ↗
- →Monitor invocations of `magick mogrify` (or legacy `mogrify`) with filename arguments containing repeated `%d` sequences (e.g., `%d%d%d...`), which is the attack vector for this vulnerability ↗
- →Impact includes crash (DoS) or possible arbitrary code execution; treat any unexpected ImageMagick crash involving mogrify filename templates as potentially exploited ↗
- ·Vulnerability is exploitable only in versions prior to 7.1.2-0 (ImageMagick 7 branch) and 6.9.13-26 (ImageMagick 6 branch); patched versions are not affected ↗
- ·Scope is local per Debian security tracker; exploitation requires the ability to supply a crafted filename template to the mogrify command ↗
- ·No mitigation is available from Red Hat for affected RHEL versions; patching to a fixed version is the only remediation ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
vendor_debian7.4HIGH
vendor_redhat7.4HIGH
vendor_msrc5.5MEDIUM
vendor_ubuntu3.7LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
imagemagick vulnerabilities
osv·2025-09-01·CVSS 9.8
CVE-2025-53014 [CRITICAL] imagemagick vulnerabilities
imagemagick vulnerabilities
It was discovered that ImageMagick did not properly process certain
format strings when interpreting image filenames. An attacker could
possibly use this issue to cause ImageMagick to crash, resulting in
a denial of service. (CVE-2025-53014)
It was discovered that ImageMagick did not properly process certain
format strings when interpreting image filenames. An attacker could
possibly use this issue to cause ImageMagick to consume resources,
resulting in a denial of service. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
and Ubuntu 24.04 LTS. (CVE-2025-53019)
It was discovered that ImageMagick did not properly process certain
format strings when interpreting image filenames. An attacker could
possibly use this
OSV
ImageMagick has a Stack Buffer Overflow in image.c
osv·2025-08-25
CVE-2025-53101 [HIGH] ImageMagick has a Stack Buffer Overflow in image.c
ImageMagick has a Stack Buffer Overflow in image.c
Hi, we have found a stack buffer overflow and would like to report this issue.
Could you confirm if this qualifies as a security vulnerability? I am happy to provide any additional information needed.
## Summary
In ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`.
### Additional information
Upon further investigation, we found that the same issue occurs not only with mogrify but also with the following subcommands: compare, composite, conjure, convert, identify, mogrify, and montage.
Furthermore, we confirmed that thi
GHSA
ImageMagick has a Stack Buffer Overflow in image.c
ghsa·2025-08-25
CVE-2025-53101 [HIGH] CWE-124 ImageMagick has a Stack Buffer Overflow in image.c
ImageMagick has a Stack Buffer Overflow in image.c
Hi, we have found a stack buffer overflow and would like to report this issue.
Could you confirm if this qualifies as a security vulnerability? I am happy to provide any additional information needed.
## Summary
In ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`.
### Additional information
Upon further investigation, we found that the same issue occurs not only with mogrify but also with the following subcommands: compare, composite, conjure, convert, identify, mogrify, and montage.
Furthermore, we confirmed that thi
OSV
CVE-2025-53101: ImageMagick is free and open-source software used for editing and manipulating digital images
osv·2025-07-14·CVSS 9.8
CVE-2025-53101 [CRITICAL] CVE-2025-53101: ImageMagick is free and open-source software used for editing and manipulating digital images
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Ubuntu
ImageMagick vulnerabilities
vendor_ubuntu·2025-09-01·CVSS 3.7
CVE-2025-53019 [LOW] ImageMagick vulnerabilities
Title: ImageMagick vulnerabilities
Summary: Several security issues were fixed in ImageMagick.
It was discovered that ImageMagick did not properly process certain
format strings when interpreting image filenames. An attacker could
possibly use this issue to cause ImageMagick to crash, resulting in
a denial of service. (CVE-2025-53014)
It was discovered that ImageMagick did not properly process certain
format strings when interpreting image filenames. An attacker could
possibly use this issue to cause ImageMagick to consume resources,
resulting in a denial of service. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
and Ubuntu 24.04 LTS. (CVE-2025-53019)
It was discovered that ImageMagick did not properly process certain
format strings whe
Red Hat
ImageMagick: ImageMagick Stack Buffer Overflow
vendor_redhat·2025-07-14·CVSS 7.4
CVE-2025-53101 [HIGH] CWE-124 ImageMagick: ImageMagick Stack Buffer Overflow
ImageMagick: ImageMagick Stack Buffer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
A stack buffer overflow flaw has been discovered in ImageMagick. An attacker may be able to specify multiple `%d` format options in a filename template which causes internal pointer arithmetic to generate an address below the beginning of the stack buffer.
Mitigation: Mitigation for this iss
Debian
CVE-2025-53101: imagemagick - ImageMagick is free and open-source software used for editing and manipulating d...
vendor_debian·2025·CVSS 7.4
CVE-2025-53101 [HIGH] CVE-2025-53101: imagemagick - ImageMagick is free and open-source software used for editing and manipulating d...
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Scope: local
bookworm: resolved (fixed in 8:6.9.11.60+dfsg-1.6+deb12u4)
bullseye: resolved (fixed in 8:6.9.11.60+dfsg-1.3+deb11u6)
forky: resolved (fixed in 8:7.1.1.47+dfsg1-2)
sid: resolved (fixed in 8:7.1.1.47+dfsg1-2)
trixie: resolved (fixed in 8:7.1.1.43+dfsg1-1+deb13u1)
Microsoft
fs: Fix uninitialized value issue in from_kuid and from_kgid
vendor_msrc·2024-11-12·CVSS 5.5
CVE-2024-53101 [MEDIUM] CWE-908 fs: Fix uninitialized value issue in from_kuid and from_kgid
fs: Fix uninitialized value issue in from_kuid and from_kgid
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Linux: Linux
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [fedora-42]
bugzilla·2025-07-14·CVSS 9.8
CVE-2025-53101 [CRITICAL] CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [fedora-42]
CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from r
Bugzilla
CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [epel-9]
bugzilla·2025-07-14·CVSS 9.8
CVE-2025-53101 [CRITICAL] CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [epel-9]
CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [epel-9]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-EPEL-2026-2d971fc3b0 (ImageMagick-6.9.13.49-1.el9) has been submitted as an update to Fedora EPEL 9.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-2d971fc3b0
---
FEDORA-EPEL-2026-fb9a9ab1e9 has be
Bugzilla
CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [epel-8]
bugzilla·2025-07-14·CVSS 9.8
CVE-2025-53101 [CRITICAL] CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [epel-8]
CVE-2025-53101 ImageMagick: ImageMagick Stack Buffer Overflow [epel-8]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-EPEL-2026-2d971fc3b0 (ImageMagick-6.9.13.49-1.el9) has been submitted as an update to Fedora EPEL 9.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-2d971fc3b0
---
FEDORA-EPEL-2026-fb9a9ab1e9 has be
https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9https://lists.debian.org/debian-lts-announce/2025/09/msg00012.htmlhttps://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9
2025-07-14
Published