A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3745.json",
"cna_assigner": "redhat",
"cwe_ids": [
"CWE-125"
]
}{
"cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "7.0.0-0"
},
{
"fixed": "7.0.10-0"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"digest": {
"function_hash": "148769445397280588461867256646424347782",
"length": 22362.0
},
"target": {
"function": "ReadTIFFImage",
"file": "coders/tiff.c"
},
"id": "CVE-2023-3745-0fc8b379",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick/commit/54cdc146bbe50018526770be201b56643ad58ba7",
"deprecated": false
},
{
"digest": {
"function_hash": "280077603883983449602804815327969271080",
"length": 22406.0
},
"target": {
"function": "ReadTIFFImage",
"file": "coders/tiff.c"
},
"id": "CVE-2023-3745-3691a2d6",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304",
"deprecated": false
},
{
"target": {
"file": "coders/pdf.c"
},
"id": "CVE-2023-3745-6885936e",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/imagemagick/imagemagick/commit/00c3687ccca2bbc61bb117c28a6a689410693060",
"digest": {
"threshold": 0.9,
"line_hashes": [
"267088119790984257781778290784893837609",
"104586599622970597080585580560734579041",
"314242282688843173384374917212345720778",
"136651148297210183770076042970878253946"
]
},
"deprecated": false,
"match_only_versions": [
"7.0.1-0",
"7.0.1-1",
"7.0.1-10",
"7.0.1-2",
"7.0.1-3",
"7.0.1-4",
"7.0.1-5",
"7.0.1-6",
"7.0.1-7",
"7.0.1-8",
"7.0.1-9",
"7.0.2-0",
"7.0.2-1",
"7.0.2-10",
"7.0.2-2",
"7.0.2-3",
"7.0.2-4",
"7.0.2-5",
"7.0.2-6",
"7.0.2-7",
"7.0.2-8",
"7.0.2-9",
"7.0.3-0",
"7.0.3-1",
"7.0.3-10",
"7.0.3-2",
"7.0.3-3",
"7.0.3-4",
"7.0.3-5",
"7.0.3-6",
"7.0.3-7",
"7.0.3-8",
"7.0.3-9",
"7.0.4-0",
"7.0.4-1",
"7.0.4-10",
"7.0.4-2",
"7.0.4-3",
"7.0.4-4",
"7.0.4-5",
"7.0.4-6",
"7.0.4-7",
"7.0.4-8",
"7.0.4-9",
"7.0.5-0",
"7.0.5-1",
"7.0.5-10",
"7.0.5-2",
"7.0.5-3",
"7.0.5-4",
"7.0.5-5",
"7.0.5-6",
"7.0.5-7",
"7.0.5-8",
"7.0.5-9",
"7.0.6-0",
"7.0.6-1",
"7.0.6-2",
"7.0.6-3",
"7.0.6-4",
"7.0.6-5",
"7.0.6-6",
"7.0.6-7",
"7.0.6-8",
"7.0.6-9",
"7.0.7-0",
"7.0.7-1",
"7.0.7-10",
"7.0.7-11",
"7.0.7-12",
"7.0.7-13",
"7.0.7-14",
"7.0.7-15",
"7.0.7-16",
"7.0.7-17",
"7.0.7-18",
"7.0.7-19",
"7.0.7-2",
"7.0.7-20",
"7.0.7-21",
"7.0.7-22",
"7.0.7-23",
"7.0.7-24",
"7.0.7-25",
"7.0.7-26",
"7.0.7-27",
"7.0.7-28",
"7.0.7-29",
"7.0.7-3",
"7.0.7-30",
"7.0.7-31",
"7.0.7-32",
"7.0.7-33",
"7.0.7-34",
"7.0.7-35",
"7.0.7-36",
"7.0.7-37",
"7.0.7-38",
"7.0.7-39",
"7.0.7-4",
"7.0.7-5",
"7.0.7-6",
"7.0.7-8",
"7.0.7-9",
"7.0.7.7",
"7.0.8-0",
"7.0.8-1",
"7.0.8-10",
"7.0.8-11",
"7.0.8-12",
"7.0.8-13",
"7.0.8-14",
"7.0.8-15",
"7.0.8-16",
"7.0.8-17",
"7.0.8-18",
"7.0.8-19",
"7.0.8-2",
"7.0.8-20",
"7.0.8-21",
"7.0.8-22",
"7.0.8-23",
"7.0.8-24",
"7.0.8-25",
"7.0.8-26",
"7.0.8-27",
"7.0.8-28",
"7.0.8-29",
"7.0.8-3",
"7.0.8-30",
"7.0.8-31",
"7.0.8-32",
"7.0.8-33",
"7.0.8-34",
"7.0.8-35",
"7.0.8-36",
"7.0.8-37",
"7.0.8-38",
"7.0.8-39",
"7.0.8-4",
"7.0.8-40",
"7.0.8-41",
"7.0.8-42",
"7.0.8-43",
"7.0.8-44",
"7.0.8-45",
"7.0.8-46",
"7.0.8-47",
"7.0.8-48",
"7.0.8-49",
"7.0.8-5",
"7.0.8-50",
"7.0.8-51",
"7.0.8-52",
"7.0.8-53",
"7.0.8-54",
"7.0.8-55",
"7.0.8-56",
"7.0.8-57",
"7.0.8-58",
"7.0.8-59",
"7.0.8-6",
"7.0.8-60",
"7.0.8-61",
"7.0.8-62",
"7.0.8-63",
"7.0.8-64",
"7.0.8-65",
"7.0.8-66",
"7.0.8-67",
"7.0.8-68",
"7.0.8-7",
"7.0.8-8",
"7.0.8-9",
"7.0.9-0",
"7.0.9-1",
"7.0.9-10",
"7.0.9-11",
"7.0.9-12",
"7.0.9-13",
"7.0.9-14",
"7.0.9-15",
"7.0.9-16",
"7.0.9-17",
"7.0.9-18",
"7.0.9-19",
"7.0.9-2",
"7.0.9-20",
"7.0.9-21",
"7.0.9-22",
"7.0.9-23",
"7.0.9-24",
"7.0.9-25",
"7.0.9-26",
"7.0.9-27",
"7.0.9-4",
"7.0.9-5",
"7.0.9-6",
"7.0.9-7",
"7.0.9-8",
"7.0.9-9"
]
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"118824816895528287798113084228650057011",
"330836052793523869897681511012797318436",
"68125290772832173454986644648354935781",
"61239350792466514650104050197438222833",
"232192484066260492618245841682257617122",
"183138322953951099720810700417921294079",
"100517629411598991239095207334309534843",
"23811094227217603236953172319967586336",
"305569056091343756016595704207853994615"
]
},
"target": {
"file": "coders/tiff.c"
},
"id": "CVE-2023-3745-d6ea5ce0",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/imagemagick/imagemagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304",
"deprecated": false
},
{
"digest": {
"function_hash": "212123256541805407061688552405177200280",
"length": 48687.0
},
"target": {
"function": "WritePDFImage",
"file": "coders/pdf.c"
},
"id": "CVE-2023-3745-fa511610",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick/commit/00c3687ccca2bbc61bb117c28a6a689410693060",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3745.json"
"2026-07-08T17:57:16Z"
{
"cpe": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "6.0"
},
{
"fixed": "6.9-11-0"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"target": {
"file": "coders/tiff.c"
},
"id": "CVE-2023-3745-9f4da241",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/imagemagick/imagemagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b",
"digest": {
"threshold": 0.9,
"line_hashes": [
"292934116565201441995734901725454004893",
"63763273704688346237964183712642046444",
"119440533186373574013987693851953005624",
"165478093669305695043995546326112572685"
]
},
"deprecated": false,
"match_only_versions": [
"6.9.10-0",
"6.9.10-1",
"6.9.10-10",
"6.9.10-11",
"6.9.10-12",
"6.9.10-13",
"6.9.10-14",
"6.9.10-15",
"6.9.10-16",
"6.9.10-17",
"6.9.10-18",
"6.9.10-19",
"6.9.10-2",
"6.9.10-20",
"6.9.10-21",
"6.9.10-22",
"6.9.10-23",
"6.9.10-24",
"6.9.10-25",
"6.9.10-26",
"6.9.10-27",
"6.9.10-28",
"6.9.10-29",
"6.9.10-3",
"6.9.10-30",
"6.9.10-31",
"6.9.10-32",
"6.9.10-33",
"6.9.10-34",
"6.9.10-35",
"6.9.10-36",
"6.9.10-37",
"6.9.10-38",
"6.9.10-39",
"6.9.10-4",
"6.9.10-40",
"6.9.10-41",
"6.9.10-42",
"6.9.10-43",
"6.9.10-44",
"6.9.10-45",
"6.9.10-46",
"6.9.10-47",
"6.9.10-48",
"6.9.10-49",
"6.9.10-5",
"6.9.10-50",
"6.9.10-51",
"6.9.10-52",
"6.9.10-53",
"6.9.10-54",
"6.9.10-55",
"6.9.10-56",
"6.9.10-57",
"6.9.10-58",
"6.9.10-59",
"6.9.10-6",
"6.9.10-60",
"6.9.10-61",
"6.9.10-62",
"6.9.10-63",
"6.9.10-64",
"6.9.10-65",
"6.9.10-66",
"6.9.10-67",
"6.9.10-68",
"6.9.10-69",
"6.9.10-7",
"6.9.10-70",
"6.9.10-71",
"6.9.10-72",
"6.9.10-73",
"6.9.10-74",
"6.9.10-75",
"6.9.10-77",
"6.9.10-78",
"6.9.10-79",
"6.9.10-8",
"6.9.10-80",
"6.9.10-81",
"6.9.10-82",
"6.9.10-83",
"6.9.10-84",
"6.9.10-85",
"6.9.10-86",
"6.9.10-87",
"6.9.10-88",
"6.9.10-89",
"6.9.10-9",
"6.9.10-90",
"6.9.10-91",
"6.9.10-92",
"6.9.10-93",
"6.9.10-94",
"6.9.10-95",
"6.9.10-96",
"6.9.10-97",
"6.9.4-0",
"6.9.4-1",
"6.9.4-10",
"6.9.4-2",
"6.9.4-3",
"6.9.4-4",
"6.9.4-5",
"6.9.4-6",
"6.9.4-7",
"6.9.4-8",
"6.9.4-9",
"6.9.5-0",
"6.9.5-1",
"6.9.5-10",
"6.9.5-2",
"6.9.5-3",
"6.9.5-4",
"6.9.5-5",
"6.9.5-6",
"6.9.5-7",
"6.9.5-8",
"6.9.5-9",
"6.9.6-0",
"6.9.6-1",
"6.9.6-2",
"6.9.6-3",
"6.9.6-4",
"6.9.6-5",
"6.9.6-6",
"6.9.6-7",
"6.9.6-8",
"6.9.7-0",
"6.9.7-1",
"6.9.7-10",
"6.9.7-2",
"6.9.7-3",
"6.9.7-4",
"6.9.7-5",
"6.9.7-6",
"6.9.7-7",
"6.9.7-8",
"6.9.7-9",
"6.9.8-0",
"6.9.8-1",
"6.9.8-10",
"6.9.8-2",
"6.9.8-3",
"6.9.8-4",
"6.9.8-5",
"6.9.8-6",
"6.9.8-7",
"6.9.8-8",
"6.9.8-9",
"6.9.9-0",
"6.9.9-1",
"6.9.9-10",
"6.9.9-11",
"6.9.9-12",
"6.9.9-13",
"6.9.9-14",
"6.9.9-15",
"6.9.9-17",
"6.9.9-18",
"6.9.9-19",
"6.9.9-2",
"6.9.9-20",
"6.9.9-21",
"6.9.9-22",
"6.9.9-23",
"6.9.9-24",
"6.9.9-25",
"6.9.9-26",
"6.9.9-27",
"6.9.9-28",
"6.9.9-29",
"6.9.9-3",
"6.9.9-30",
"6.9.9-31",
"6.9.9-32",
"6.9.9-33",
"6.9.9-34",
"6.9.9-35",
"6.9.9-36",
"6.9.9-37",
"6.9.9-38",
"6.9.9-39",
"6.9.9-4",
"6.9.9-40",
"6.9.9-41",
"6.9.9-42",
"6.9.9-43",
"6.9.9-44",
"6.9.9-45",
"6.9.9-46",
"6.9.9-47",
"6.9.9-48",
"6.9.9-49",
"6.9.9-5",
"6.9.9-50",
"6.9.9-51",
"6.9.9-6",
"6.9.9-7",
"6.9.9-8",
"6.9.9-9"
]
},
{
"digest": {
"function_hash": "201658892558676292037072503713412344059",
"length": 22124.0
},
"target": {
"function": "ReadTIFFImage",
"file": "coders/tiff.c"
},
"id": "CVE-2023-3745-e356b37a",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3745.json"
"2026-07-08T17:57:16Z"