The following table lists the changes that have been made to the
CVE-2025-57803 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.
Aug. 26, 2025
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Description | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick’s 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2. | |
| Added | CVSS V3.1 | AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | |
| Added | CWE | CWE-190 | |
| Added | CWE | CWE-122 | |
| Added | Reference | https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1 | |
| Added | Reference | https://github.com/ImageMagick/ImageMagick/commit/2c55221f4d38193adcb51056c14cf238fbcc35d7 | |
| Added | Reference | https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mxvv-97wh-cfmm |
CVE ID : CVE-2025-10304 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The Everest Backup –
CVE ID : CVE-2025-12585 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The MxChat – AI
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
