CVE-2025-43965

Publication date 23 April 2025

Last updated 11 July 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

2.9 · Low

Score breakdown

Description

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.

Status

Package Ubuntu Release Status
imagemagick 25.10 questing
Not affected
25.04 plucky
Vulnerable
24.10 oracular Ignored end of life, was needs-triage
24.04 LTS noble
Vulnerable
22.04 LTS jammy
Vulnerable
20.04 LTS focal
Vulnerable
18.04 LTS bionic
Vulnerable
16.04 LTS xenial
Vulnerable
14.04 LTS trusty
Vulnerable

Severity score breakdown

Parameter Value
Base score 2.9 · Low
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact Low
Vector CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

References

Other references