ImageMagick: The hidden vulnerability behind your online images

We discussed this vulnerability during Episode 193 on 06 March 2023

In resizing a PNG, in a textual chunk you have keywords and a text string as a value, if the keyword profile is used, imagemagick will try to read the associated filename (the text value for the keyword) and will load the content of the file (if it exists) into the resultant image. So in cases where a user uploaded image is resized or processed in some way by imagemagick, it may be possible to leak file content in the resulting image.