{"affected":[{"ecosystem_specific":{"binaries":[{"ImageMagick":"7.1.2.0-160000.4.1","ImageMagick-config-7-SUSE":"7.1.2.0-160000.4.1","ImageMagick-config-7-upstream-limited":"7.1.2.0-160000.4.1","ImageMagick-config-7-upstream-open":"7.1.2.0-160000.4.1","ImageMagick-config-7-upstream-secure":"7.1.2.0-160000.4.1","ImageMagick-config-7-upstream-websafe":"7.1.2.0-160000.4.1","ImageMagick-devel":"7.1.2.0-160000.4.1","ImageMagick-doc":"7.1.2.0-160000.4.1","ImageMagick-extra":"7.1.2.0-160000.4.1","libMagick++-7_Q16HDRI5":"7.1.2.0-160000.4.1","libMagick++-devel":"7.1.2.0-160000.4.1","libMagickCore-7_Q16HDRI10":"7.1.2.0-160000.4.1","libMagickWand-7_Q16HDRI10":"7.1.2.0-160000.4.1","perl-PerlMagick":"7.1.2.0-160000.4.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"ImageMagick","purl":"pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.1.2.0-160000.4.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ImageMagick fixes the following issues:\n\n- CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash\n  (bsc#1252749).\n- CVE-2025-57807: BlobStream Forward-Seek Under-Allocation (bsc#1249362).\n- CVE-2025-62171: incomplete fix for integer overflow in BMP Decoder (bsc#1252282).\n- CVE-2025-55298: format string bug vulnerability can lead to heap overflow (bsc#1248780).\n- CVE-2025-57803: 32-bit integer overflow can lead to heap out-of-bounds (OOB) write (bsc#1248784).\n- CVE-2025-55212: division-by-zero in ThumbnailImage() when passing a geometry string containing only a colon to\n  `montage -geometry` (bsc#1248767).\n","id":"openSUSE-SU-2025:20162-1","modified":"2025-12-15T09:55:25Z","published":"2025-12-15T09:55:25Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1248767"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248780"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248784"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249362"},{"type":"REPORT","url":"https://bugzilla.suse.com/1252282"},{"type":"REPORT","url":"https://bugzilla.suse.com/1252749"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-55212"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-55298"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-57803"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-57807"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-62171"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-62594"}],"related":["CVE-2025-55212","CVE-2025-55298","CVE-2025-57803","CVE-2025-57807","CVE-2025-62171","CVE-2025-62594"],"summary":"Security update for ImageMagick","upstream":["CVE-2025-55212","CVE-2025-55298","CVE-2025-57803","CVE-2025-57807","CVE-2025-62171","CVE-2025-62594"]}