CVE-2025-68618

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-68618

Severity

5.3

Medium

CVSS V3

Summary

Magick's failure to limit the depth of SVG file reads caused a DoS attack.

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-68618
https://github.com/advisories/GHSA-p27m-hp98-6637
https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68618.json
https://github.com/ImageMagick/ImageMagick/commit/6f431d445f3ddd609c004a1dde617b0a73e60beb
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p27m-hp98-6637

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2025-68618

Severity

Summary

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company