CVE Catalog

CVE-2025-65955

MediumCVSS 4.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

4th percentile - higher than 4% of all known CVEs

Summary

In ImageMagick, prior to versions 7.1.2-9 and 6.9.13-34, there is a vulnerability in the Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. This leads to memory being freed while leaving a pointer to freed memory, which can result in crashes or heap corruption.

Risk Assessment

This vulnerability can lead to application crashes or memory corruption, threatening system stability and data security. Organizations using ImageMagick should be aware of the risks associated with using outdated software versions.

Recommendation

It is recommended to update ImageMagick to versions 7.1.2-9 or 6.9.13-34 to mitigate this vulnerability. Regular software updates are crucial for maintaining system security.

Original NVD description (English source)

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS