{"id":"CVE-2025-32460","details":"GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.","modified":"2026-04-16T04:30:29.717713579Z","published":"2025-04-09T02:15:15.137Z","related":["SUSE-SU-2025:1349-1","openSUSE-SU-2025:14993-1"],"references":[{"type":"FIX","url":"https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/8e56520435df50f618a03f2721a39a70a515f1cb"},{"type":"FIX","url":"https://issues.oss-fuzz.com/issues/406320404"},{"type":"ARTICLE","url":"https://tracker.debian.org/news/1636753/accepted-graphicsmagick-14really1345hg17696-1-source-into-unstable/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-32460.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"1.3.46"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}