GSA_kwCzR0hTQS02aGd3LTZ4ODctNTc4eM4ABLZ9

Moderate EPSS: 0.00026% (0.05522 Percentile) EPSS:

Permalink JSON

ImageMagick has Undefined Behavior (function-type-mismatch) in CloneSplayTree

Affected Packages	Affected Versions	Fixed Versions
nuget:Magick.NET-Q8-x86 PURL: `pkg:nuget/Magick.NET-Q8-x86`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 848,605 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q8-x64 PURL: `pkg:nuget/Magick.NET-Q8-x64`	< 14.8.0	14.8.0
5 Dependent packages 0 Dependent repositories 3,417,171 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q8-arm64 PURL: `pkg:nuget/Magick.NET-Q8-arm64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 65,072 Downloads total Affected Version Ranges All affected versions 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1
nuget:Magick.NET-Q8-OpenMP-x64 PURL: `pkg:nuget/Magick.NET-Q8-OpenMP-x64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 345,858 Downloads total Affected Version Ranges All affected versions 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1
nuget:Magick.NET-Q8-OpenMP-arm64 PURL: `pkg:nuget/Magick.NET-Q8-OpenMP-arm64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 43,966 Downloads total Affected Version Ranges All affected versions 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1
nuget:Magick.NET-Q8-AnyCPU PURL: `pkg:nuget/Magick.NET-Q8-AnyCPU`	< 14.8.0	14.8.0
34 Dependent packages 0 Dependent repositories 16,651,725 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-x86 PURL: `pkg:nuget/Magick.NET-Q16-x86`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 650,667 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1
nuget:Magick.NET-Q16-x64 PURL: `pkg:nuget/Magick.NET-Q16-x64`	< 14.8.0	14.8.0
3 Dependent packages 0 Dependent repositories 4,300,625 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-arm64 PURL: `pkg:nuget/Magick.NET-Q16-arm64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 95,942 Downloads total Affected Version Ranges All affected versions 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-OpenMP-x64 PURL: `pkg:nuget/Magick.NET-Q16-OpenMP-x64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 179,875 Downloads total Affected Version Ranges All affected versions 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1
nuget:Magick.NET-Q16-OpenMP-arm64 PURL: `pkg:nuget/Magick.NET-Q16-OpenMP-arm64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 87,092 Downloads total Affected Version Ranges All affected versions 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-HDRI-x86 PURL: `pkg:nuget/Magick.NET-Q16-HDRI-x86`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 663,240 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-HDRI-x64 PURL: `pkg:nuget/Magick.NET-Q16-HDRI-x64`	< 14.8.0	14.8.0
1 Dependent packages 0 Dependent repositories 994,254 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-HDRI-arm64 PURL: `pkg:nuget/Magick.NET-Q16-HDRI-arm64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 88,754 Downloads total Affected Version Ranges All affected versions 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-HDRI-OpenMP-x64 PURL: `pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-x64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 325,019 Downloads total Affected Version Ranges All affected versions 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-HDRI-OpenMP-arm64 PURL: `pkg:nuget/Magick.NET-Q16-HDRI-OpenMP-arm64`	< 14.8.0	14.8.0
0 Dependent packages 0 Dependent repositories 43,421 Downloads total Affected Version Ranges All affected versions 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1
nuget:Magick.NET-Q16-HDRI-AnyCPU PURL: `pkg:nuget/Magick.NET-Q16-HDRI-AnyCPU`	< 14.8.0	14.8.0
5 Dependent packages 0 Dependent repositories 2,489,430 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2
nuget:Magick.NET-Q16-AnyCPU PURL: `pkg:nuget/Magick.NET-Q16-AnyCPU`	< 14.8.0	14.8.0
62 Dependent packages 0 Dependent repositories 32,766,401 Downloads total Affected Version Ranges All affected versions 7.0.1, 7.0.3, 7.0.6, 7.0.7, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.6.0, 7.7.0, 7.8.0, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.12.0, 7.13.0, 7.13.1, 7.14.0, 7.14.1, 7.14.2, 7.14.3, 7.14.4, 7.14.5, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.17.0, 7.18.0, 7.19.0, 7.20.0, 7.21.0, 7.21.1, 7.22.0, 7.22.1, 7.22.2, 7.22.3, 7.23.0, 7.23.1, 7.23.2, 7.23.3, 7.23.4, 7.24.0, 7.24.1, 8.0.0, 8.0.1, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.4.0, 8.5.0, 8.6.0, 8.6.1, 9.0.0, 9.1.0, 9.1.1, 9.1.2, 10.0.0, 10.1.0, 11.0.0, 11.1.0, 11.1.1, 11.1.2, 11.2.0, 11.2.1, 11.3.0, 12.0.0, 12.0.1, 12.1.0, 12.2.0, 12.2.1, 12.2.2, 12.3.0, 13.0.0, 13.0.1, 13.1.0, 13.1.1, 13.1.2, 13.1.3, 13.2.0, 13.3.0, 13.4.0, 13.5.0, 13.6.0, 13.7.0, 13.8.0, 13.9.0, 13.9.1, 13.10.0, 14.0.0, 14.1.0, 14.2.0, 14.3.0, 14.4.0, 14.5.0, 14.6.0, 14.7.0 All unaffected versions 14.8.0, 14.8.1, 14.8.2

Summary

Target: ImageMagick (commit ecc9a5eb456747374bae8e07038ba10b3d8821b3)
Type: Undefined Behavior (function-type-mismatch) in splay tree cloning callback
Impact: Deterministic abort under UBSan (DoS in sanitizer builds). No crash in a non-sanitized build; likely low security impact.
Trigger: Minimal 2-byte input parsed via MagickWand, then coalescing.

Environment

OS: macOS (Apple Silicon/arm64)
Homebrew clang version 20.1.8
Target: arm64-apple-darwin24.5.0
Thread model: posix
InstalledDir: /opt/homebrew/Cellar/llvm/20.1.8/bin
Configuration file: /opt/homebrew/etc/clang/arm64-apple-darwin24.cfg
Homebrew ImageMagick: magick -version → ImageMagick 7.1.2-0 Q16-HDRI aarch64
pkg-config: MagickWand-7.Q16HDRI version 7.1.2
Library configure flags (capsule build):
./configure --disable-shared --enable-static --without-modules --without-magick-plus-plus --disable-openmp --without-perl --without-x --with-png=yes --without-jpeg --without-tiff --without-xml --without-lqr --without-gslib
Harness compile flags:
-fsanitize=fuzzer,address,undefined -fno-omit-frame-pointer
pkg-config cflags/libs supplied:
-I<...>/include/ImageMagick-7
-DMAGICKCORE_HDRI_ENABLE=1 -DMAGICKCORE_QUANTUM_DEPTH=16 -DMAGICKCORE_CHANNEL_MASK_DEPTH=32
and linked against MagickWand-7.Q16HDRI and MagickCore-7.Q16HDRI
Sanitizer runtime:
ASan+UBSan defaults. Repro also with UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1

PoC

Bytes (hex): 1c 02
Base64: HAI=
sha256 (optional):

Reproduction

Create PoC:

printf '\x1c\x02' > poc.bin

Option A: libFuzzer harness

Run once: ./harness_ImageMagick_... -runs=1 ./poc.bin
Expected: UBSan aborts with function-type-mismatch at MagickCore/splay-tree.c:372:43.

Option B: standalone reproducer (C)

Compile (ensure PKG_CONFIG_PATH points to your ImageMagick if needed):

/opt/homebrew/opt/llvm/bin/clang -g -O1 -fsanitize=address,undefined $(/opt/homebrew/bin/pkg-config --cflags MagickWand-7.Q16HDRI) repro.c -o repro $(/opt/homebrew/bin/pkg-config --libs MagickWand-7.Q16HDRI)

Run:

UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 ./repro ./poc.bin
Observed output (excerpt)
MagickCore/splay-tree.c:372:43: runtime error: call to function ConstantString through pointer to incorrect function type 'void ()(void *)'
string.c:680: note: ConstantString defined here
#0 CloneSplayTree splay-tree.c:372
#1 CloneImageProfiles profile.c:159
#2 CloneImage image.c:832
#3 CoalesceImages layer.c:269
#4 MagickCoalesceImages magick-image.c:1665
#5 main repro.c:XX
Root cause
The splay tree clone callback expects a function pointer of type void *(*)(void *). ConstantString has a different signature (char *ConstantString(const char *)). Calling through the mismatched function type is undefined behavior in C and triggers UBSan’s function-type-mismatch.
The path is exercised during coalescing: CloneImage → CloneImageProfiles → CloneSplayTree.
Scope
Reproduces with a minimal, sanitizer-instrumented, PNG-enabled build and delegates disabled (policy.xml), suggesting the issue is in MagickCore rather than external delegates.
Suggested fix (sketch)
Use a wrapper that matches the expected callback prototype, or adjust the splay-tree callback typedef for const-correctness. For example:
static void *CloneStringShim(const void *p) {
return (void *) ConstantString((const char *) p);
}

/* When setting splay-tree clone_value, use CloneStringShim instead of ConstantString. */

Alternatively, update the clone callback typedefs to use const void* consistently (and return void*) and ensure callers pass a correctly typed wrapper.

Artifacts
Minimised PoC: attached (poc.bin, 2 bytes; base64 HAI=)
Harness source and exact build command (attached)
Full UBSan trace (attached)
Commit SHA and configure flags (above)
Credits
Discovered by: Lumina Mescuwa
Method: libFuzzer + UBSan
Verification

UBSan build: Reproduces with halt_on_error=1; aborts at MagickCore/splay-tree.c:372.
Non-sanitized Homebrew build (macOS arm64, clang 20.1.8): No crash; repro completes silently.

References:

Identifiers

GHSA-6hgw-6x87-578x

CVE-2025-55160

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00026

EPSS Percentile: 0.05522

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/ImageMagick/ImageMagick

Date and time

Published

12 days ago

Updated

12 days ago

API

JSON

GSA_kwCzR0hTQS02aGd3LTZ4ODctNTc4eM4ABLZ9

ImageMagick has Undefined Behavior (function-type-mismatch) in CloneSplayTree

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Affected Version Ranges

All affected versions

All unaffected versions

Summary

Environment

PoC

Reproduction

Identifiers

Risk

Severity

EPSS

Classification

Source

Origin

Repository

Date and time

Published

Updated

API