CVE-2026-56362 - CERT CVE
ID CVE-2026-56362
Sažetak ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any writer calling GetPixelIndex.
Reference
CVSS
Base: 3.3
Impact: 2.5
Exploitability:0.7
Pristup
VektorSloženostAutentikacija
NETWORK HIGH HIGH
Impact
PovjerljivostCjelovitostDostupnost
LOW NONE LOW
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L
Zadnje važnije ažuriranje 10-07-2026 - 18:27
Objavljeno 08-07-2026 - 14:17