{
  "threat_severity" : "Moderate",
  "public_date" : "2026-04-13T21:14:07Z",
  "bugzilla" : {
    "description" : "ImageMagick: Magick.NET: ImageMagick: Denial of Service via integer overflow in despeckle operation",
    "id" : "2458048",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2458048"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-190",
  "details" : [ "A flaw was found in ImageMagick, a widely used software for image editing. Specifically, an integer overflow occurs during the despeckle operation, which can lead to a heap buffer overflow on 32-bit systems. This vulnerability allows an attacker to cause an out-of-bounds write, potentially resulting in a denial of service (DoS) by making the application crash or become unresponsive." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "ImageMagick",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "ImageMagick",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-34238\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34238\nhttps://github.com/ImageMagick/ImageMagick/commit/bcd8519c70ecd9ebbc180920f2cf97b267d1f440\nhttps://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19\nhttps://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-26qp-ffjh-2x4v\nhttps://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" ],
  "name" : "CVE-2026-34238",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}