What the vulnerability does

01Description

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service.

Key dates

02Disclosure timeline

April 29, 2022 CVE published
August 2, 2024 Record updated