Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-66628

Good to know:

icon
icon

Date: December 10, 2025

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file header and calculates image_size = 2 * width * height without checking for overflow. On 32-bit systems (or where size_t is 32-bit), this calculation can overflow if width and height are large (e.g., 65535), wrapping around to a small value. This results in a small heap allocation via AcquireQuantumMemory and later operations relying on the dimensions can trigger an out of bounds read. This issue is fixed in version 7.1.2-10.

Severity Score

Related Resources (5)

https://nvd.nist.gov/vuln/detail/CVE-2025-66628
https://github.com/ImageMagick/ImageMagick
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hjr-v6g4-3fm8
https://github.com/dlemstra/Magick.NET/commit/2dfa08e15cfd11016a79615994787b14f9048b1c
https://www.mend.io/vulnerability-database/CVE-2025-66628

Severity Score

Weakness Type (CWE)

Out-of-bounds Read

CWE-125

Top Fix

icon

Upgrade Version

Upgrade to version magick.net-q16-anycpu - 14.10.0;magick.net-q16-hdri-anycpu - 14.10.0;magick.net-q16-hdri-x86 - 14.10.0;magick.net-q16-x86 - 14.10.0;magick.net-q8-anycpu - 14.10.0;magick.net-q8-x86 - 14.10.0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us