CVE-2022-48541

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Aug 22, 2023
Updated: Mar 20, 2024
CWE ID 401

Summary

CVE-2022-48541 is a memory leak vulnerability affecting ImageMagick versions 7.0.10-45 and 6.9.11-22. An attacker can exploit this issue by sending a crafted "identify -help" command, resulting in excessive memory consumption and a denial of service (DoS) condition. The vulnerability arises due to insufficient input validation in the ImageMagick software, potentially leading to resource exhaustion and service interruption.

Affected Products

  • ImageMagick
  • Fedora Operating System

Affected Vendors

  • Fedora Project
  • ImageMagick Studio