vulnerability
Amazon Linux 2023: CVE-2025-55004: Important priority package update for ImageMagick
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:M/Au:N/C:C/I:P/A:P) | Aug 13, 2025 | Sep 16, 2025 | Sep 16, 2025 |
Severity
8
CVSS
(AV:N/AC:M/Au:N/C:C/I:P/A:P)
Published
Aug 13, 2025
Added
Sep 16, 2025
Modified
Sep 16, 2025
Description
A heap-based buffer overflow flaw was found in ImageMagick. This issue is present when handling images with separate alpha channels and performing image magnification in ReadOneMNGIMage. This vulnerability could be exploited to leak subsequent memory contents into the output image.
Solutions
amazon-linux-2023-upgrade-imagemagickamazon-linux-2023-upgrade-imagemagick-camazon-linux-2023-upgrade-imagemagick-c-debuginfoamazon-linux-2023-upgrade-imagemagick-c-develamazon-linux-2023-upgrade-imagemagick-debuginfoamazon-linux-2023-upgrade-imagemagick-debugsourceamazon-linux-2023-upgrade-imagemagick-develamazon-linux-2023-upgrade-imagemagick-docamazon-linux-2023-upgrade-imagemagick-libsamazon-linux-2023-upgrade-imagemagick-libs-debuginfoamazon-linux-2023-upgrade-imagemagick-perlamazon-linux-2023-upgrade-imagemagick-perl-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.