LOW 3.7 NuGet
ImageMagick: Integer Overflow in PSB (PSD v2) RLE decoding path causes heap Out of Bounds reads for 32-bit builds
GHSA-273h-m46v-96q4 · CVE-2026-25984
Published · Modified
Description
An integer overflow in the PSB (PSD v2) RLE decoding path causes a heap out-of-bounds read on 32-bit builds. This can lead to information disclosure or a crash when processing crafted PSB files.
=================================================================
==3298==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf512eb00 at pc 0xf76760b5 bp 0xffc1dfb8 sp 0xffc1dfa8
READ of size 8 at 0xf512eb00 thread T0
#0 0xf76760b4 in ReadPSDChannelRLE coders/psd.c:1141
References
- WEB https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-273h-m46v-96q4
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-25984
- WEB https://github.com/ImageMagick/ImageMagick/commit/5b91ab69af614024255fd93dcc9a62b41fbc435c
- PACKAGE https://github.com/ImageMagick/ImageMagick
- WEB https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
Ready to move
Start Securing
Free, no credit card | First findings in minutes