CVE-2025-53015

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-53015
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53015.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-53015
Aliases
Downstream
Related
Published
2025-07-14T19:31:27.548Z
Modified
2026-02-10T18:28:49.258960Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
ImageMagick has XMP profile write that triggers hang due to unbounded loop
Details

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.

Database specific 
{
    "cwe_ids": [
        "CWE-835"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53015.json"
}
References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
21d049b305ff00c77e168bad1085abb73b7f2201
Fixed
3fcd081c0278427fc0e8ac40ef75c0a1537792f7

Affected versions

7.*
7.1.1-10
7.1.1-11
7.1.1-12
7.1.1-13
7.1.1-14
7.1.1-15
7.1.1-16
7.1.1-17
7.1.1-18
7.1.1-19
7.1.1-20
7.1.1-21
7.1.1-22
7.1.1-23
7.1.1-24
7.1.1-25
7.1.1-26
7.1.1-27
7.1.1-28
7.1.1-29
7.1.1-30
7.1.1-31
7.1.1-32
7.1.1-33
7.1.1-34
7.1.1-35
7.1.1-36
7.1.1-37
7.1.1-38
7.1.1-39
7.1.1-40
7.1.1-41
7.1.1-43
7.1.1-44
7.1.1-45
7.1.1-46
7.1.1-47
7.1.1-7
7.1.1-8
7.1.1-9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53015.json"