CVE-2025-57807 LOW

CVE-2025-57807: ImageMagick BlobStream Forward-Seek Under-Allocation

Vendor Imagemagick
Product ImageMagick
Weakness CWE-787
Published September 5, 2025
Last update November 3, 2025

CVSS base score

3.8/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.

Key dates

02Disclosure timeline

September 5, 2025 CVE published
November 3, 2025 Record updated