ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.
References
Configurations
No configuration.
History
30 Jun 2026, 23:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-30 23:17
Updated : 2026-06-30 23:17
NVD link : CVE-2026-56369
Mitre link : CVE-2026-56369
CVE.ORG link : CVE-2026-56369
JSON object : View
Products Affected
No product.
CWE
CWE-323
Reusing a Nonce, Key Pair in Encryption
