A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could pass specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service. https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0
Created ImageMagick tracking bugs for this issue: Affects: epel-8 [bug 2214158] Affects: fedora-37 [bug 2214155] Affects: fedora-38 [bug 2214159]