What is CVE-2022-44267?

CVE-2022-44267 is a vulnerability in N/a. Published 2023-02-06.

Is CVE-2022-44267 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-44267

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.

EPSS: 0.766 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cvemon
agathanon/cve-2022-44268
nneonneo/sstic-2023
seal-community/patches

References

imagemagick.org/
www.metabaseq.com/imagemagick-zero-days/
DSA-5347 (vendor-advisory)
FEDORA-2023-6537113d6d (vendor-advisory)
FEDORA-2023-93389b8a9e (vendor-advisory)
[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update (mailing-list)

Frequently asked questions

What is CVE-2022-44267?: CVE-2022-44267 is a vulnerability in N/a. Published 2023-02-06.
Is CVE-2022-44267 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.