CVE-2025-32460

Summary

GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.

Affected Software

VendorProductVersion RangeStatus
GraphicsMagickGraphicsMagick0 < 8e56520435df50f618a03f2721a39a70a515f1cbaffected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References