Skip to main content

Incorrect Type Conversion or Cast

CVE-2022-32547

Severity High
Score 7.8/10

Summary

In ImageMagick6 before 6.9.12-45 and ImageMagick7 before 7.1.0-30, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • REQUIRED
  • NONE
  • HIGH
  • HIGH

CWE-704 - Incorrect Type Conversion or Cast

The software does not correctly convert an object, resource, or structure from one type to a different type.

Advisory Timeline

  • Published