Skip to main content

Debian Linux CVE-2025-43965

LOW
Incorrect Calculation of Buffer Size (CWE-131)
2025-04-23 cve@mitre.org
Information Disclosure Debian Linux Imagemagick
2.9
CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

3
Analysis Generated
Mar 28, 2026 - 18:38 vuln.today
Patch released
Mar 28, 2026 - 18:38 nvd
Patch available
CVE Published
Apr 23, 2025 - 15:16 nvd
LOW 2.9

DescriptionNVD

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.

AnalysisAI

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. Rated low severity (CVSS 2.9), this vulnerability is no authentication required.

Technical ContextAI

This vulnerability is classified under CWE-131. In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. Affected products include: Imagemagick, Debian Debian Linux. Version information: before 7.1.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2025-43965 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy