85 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-015456)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015456 advisory. ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an...
Important: Red Hat Security Advisory: ImageMagick security update
An update for ImageMagick is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
ImageMagick: ImageMagick vulnerable to denial of service via integer overflow in BMP decoder on 32-bit systems
An integer overflow vulnerability has been identified in the ImageMagick image processing software suite on 32-bit systems with non-default resource limits. An attacker can exploit this flaw by providing a specially crafted malicious image file (BMP format) for processing. Successful...
RHEL 7 : ImageMagick (RHSA-2026:3058)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3058 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixes...
CVE-2026-24133
The CVE-2026-24133 issue affects jsPDF (prior to 4.1.0) where user control of the first addImage argument allows denial of service when processing unvalidated BMP data or URLs, including via the html method. Harmful BMP headers with large width/height trigger excessive memory allocations, leading...
GHSA-95FX-JJR5-F39C jsPDF Vulnerable to Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder
Impact User control of the first argument of the addImage method results in Denial of Service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP file...
MiracleLinux 7 : ImageMagick-6.9.10.68-7.0.7.el7.AXS7 (AXSA:2025-11533:04)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11533:04 advisory. CVE-2025-62171: add overflow check before calculating extent in the BMP decoder CVEs: CVE-2025-62171 ImageMagick is an open source software suite for...
openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807:...
SUSE-SU-2025:21211-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...
OPENSUSE-SU-2025:20162-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...
CLSA-2025-1764773600 Fix CVE(s): CVE-2025-62171
SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems caused by memory allocation failure - CVE-2025-62171...
CLSA-2025-1764324579 Fix CVE(s): CVE-2025-62171
SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems - CVE-2025-62171...
CLSA-2025-1764324335 Fix CVE(s): CVE-2025-62171
SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to fix issue on 32-bit systems - CVE-2025-62171...
ImageMagick < 6.9.13-32 / 7.0 < 7.1.2-7 Integer Overflow (GGHSA-9pp9-cfwx-54rm)
The remote host has a version of ImageMagick installed that is prior to 6.9.13-32, or 7.0 prior to 7.1.2-7. It is, therefore, affected by an integer overflow vulnerability as referenced in the GGHSA-9pp9-cfwx-54rm advisory. - ImageMagick is an open source software suite for displaying, converting, and...
Integer Overflow
ImageMagick is vulnerable to an integer overflow. The vulnerability is due to improper integer overflow handling in the BMP decoder when calculating image buffer sizes by multiplying image width with bits per pixel, which allows an attacker to exploit a specially crafted BMP file to cause integer...
SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2025:3918-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3918-1 advisory. - CVE-2025-62171: Fixed incomplete fix for integer overflow in BMP Decoder bsc1252282. Tenable has extracted the preceding description block directly...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-62171: Fixed incomplete fix for integer overflow in BMP Decoder bsc1252282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ImageMagick (SUSE-SU-2025:3844-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3844-1 advisory. - CVE-2025-62171: Fixed incomplete fix for integer overflow in BMP Decoder bsc1252282. Tenable has...