{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-15T23:24:10.332","vulnerabilities":[{"cve":{"id":"CVE-2025-53101","sourceIdentifier":"security-advisories@github.com","published":"2025-07-14T20:15:29.180","lastModified":"2025-11-03T19:16:08.327","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue."},{"lang":"es","value":"ImageMagick es un software gratuito y de código abierto que se utiliza para editar y manipular imágenes digitales. En versiones anteriores a la 7.1.2-0 y la 6.9.13-26, en el comando `magick mogrify` de ImageMagick, especificar varios especificadores de formato `%d` consecutivos en una plantilla de nombre de archivo provoca que la aritmética interna de punteros genere una dirección por debajo del inicio del búfer de pila, lo que provoca un desbordamiento de pila mediante `vsnprintf()`. Las versiones 7.1.2-0 y 6.9.13-26 solucionan este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-124"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*","versionEndExcluding":"6.9.13-26","matchCriteriaId":"A43C6CF3-47C5-4ABF-954A-2322A780AD79"},{"vulnerable":true,"criteria":"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0-0","versionEndExcluding":"7.1.2-0","matchCriteriaId":"4658EA77-853C-4870-982E-E5676201CA03"}]}]}],"references":[{"url":"https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}