13 matches found
CLSA-2026-1774351941 Fix CVE(s): CVE-2026-23952, CVE-2026-25970, CVE-2026-25988
SECURITY UPDATE: NULL pointer dereference in MSL parser - debian/patches/CVE-2026-23952.patch: add NULL check for image before DeleteImageProperty in comment and label tag handlers - CVE-2026-23952 SECURITY UPDATE: memory leak in MSL parser - debian/patches/CVE-2026-25988.patch: return stack inde...
CVE-2026-23952 vulnerabilities
Vulnerabilities for packages: imagemagick...
SUSE SLED15: ImageMagick / ImageMagick-config-7-SUSE / etc (SUSE-SU-2026:0503-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0503-1 advisory. - CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. - CVE-2026-23876:...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer overflow bsc1256962. CVE-2026-23952: processing comment tag can cause null pointer...
openSUSE Security Advisory (SUSE-SU-2026:0438-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: ImageMagick / ImageMagick-config-7-SUSE / etc (SUSE-SU-2026:0438-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0438-1 advisory. - CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. - CVE-2026-23874:...
SUSE: Security Advisory (SUSE-SU-2026:0384-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: ImageMagick
Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...
Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3132 (ALAS-2026-3132)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3132 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to...
Debian: Security Advisory (DLA-4448-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-4448 : imagemagick - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4448 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4448-1 [email protected]...
CVE-2026-23952
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL Magick Scripting Language parser when processing tags before images are loaded. This can lead to DoS attack due to...
CVE-2026-23952
creationtimestamp| type| source ---|---|--- 2026-01-20 05:31:57+00:00| published-proof-of-concept| https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5vx3-wx4q-6cj8 2026-01-22 01:27:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcxzsheapt2i 2026-01-24...