8 matches found
CLSA-2026-1777976295 Fix CVE(s): CVE-2026-28690
SECURITY UPDATE: stack buffer overflow in MNG/JNG encoder — missing NULL check after ImageToBlob in WriteOneJNGImage could propagate a NULL blob pointer into later stack buffer operations GHSA-7h7q-j33q-hvpf. - debian/patches/CVE-2026-28690.patch: bail out of WriteOneJNGImage when ImageToBlob...
CLSA-2026-1777542477 Fix CVE(s): CVE-2026-28690
SECURITY UPDATE: stack buffer overflow in MNG/JNG encoder — missing NULL check after ImageToBlob in WriteOneJNGImage could propagate a NULL blob pointer into later stack buffer operations GHSA-7h7q-j33q-hvpf. - debian/patches/CVE-2026-28690.patch: bail out of WriteOneJNGImage when ImageToBlob...
SUSE SLES15 Security Update : GraphicsMagick (SUSE-SU-2026:1300-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1300-1 advisory. - CVE-2026-26284: heap overflow in pcd decoder leads to out of bounds read bsc1258765. - CVE-2026-28690: missing bounds check in the MNG encode...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: CVE-2026-26284: heap overflow in pcd decoder leads to out of bounds read bsc1258765. CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow bsc1259456. Patch Instructions: To install this SUSE update u...
SUSE: Security Advisory (SUSE-SU-2026:1203-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2026:20917-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ROOT-OS-DEBIAN-11-CVE-2026-28690 CVE-2026-28690 in rootio-imagemagick - Patched by Root
Root has patched CVE-2026-28690 in the rootio-imagemagick package for Root:Debian:11. Multiple fixed versions available...
CVE-2026-28690
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data...