VDB

DEBIAN-CVE-2022-44268

DEBIAN-CVE-2022-44268 PUBLISHED CVSS 6.5 MEDIUM

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Debian:14imagemagick0, 0, 0
Debian:13imagemagick0, 0, 0
Debian:11imagemagick*, 0, 8:6.9.11.60+dfsg-1.3
Debian:12imagemagick0, 0, 0

Timeline

  • Feb 6, 2023 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›