VDB

CVE-2025-66628

CVE-2025-66628 PUBLISHED CVSS 7.5 HIGH

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file header and calculates image_size = 2 * width * height without checking for overflow. On 32-bit systems (or where size_t is 32-bit), this calculation can overflow if width and height are large (e.g., 65535), wrapping around to a small value. This results in a small heap allocation via AcquireQuantumMemory and later operations relying on the dimensions can trigger an out of bounds read. This issue is fixed in version 7.1.2-10.

EPSS 0.05% · 14.9th percentile

Risk Scores

CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.05%
14.9th percentile

Affected Products

VendorProductVersions
NuGetMagick.NET-Q16-AnyCPU0
NuGetMagick.NET-Q16-HDRI-x860
imagemagickimagemagick0
NuGetMagick.NET-Q8-AnyCPU0
NuGetMagick.NET-Q16-x860
ImageMagickImageMagick< 7.1.2-10
NuGetMagick.NET-Q16-HDRI-AnyCPU0
NuGetMagick.NET-Q8-x860

Timeline

  • Dec 5, 2025 CVE ID Reserved
  • Dec 10, 2025 CVE Published
  • Dec 11, 2025 EPSS Score
  • Dec 15, 2025 EPSS Score
  • Dec 19, 2025 EPSS Score
  • Dec 23, 2025 EPSS Score
  • Dec 27, 2025 EPSS Score
  • Jan 1, 2026 EPSS Score
  • Jan 5, 2026 EPSS Score
  • Jan 6, 2026 PoC Published
  • Jan 9, 2026 EPSS Score
  • Jan 13, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›