7 matches found
SUSE SLED15: ImageMagick / ImageMagick-config-7-SUSE / etc (SUSE-SU-2026:2877-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2877-1 advisory. - CVE-2026-53466: integer overflow in the XCF decoder can result in an out-of-bounds read when a crafted image...
OPENSUSE-SU-2026:21291-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues - CVE-2026-53466: integer overflow in the XCF decoder can result in an out-of-bounds read when a crafted image is read bsc1270073. - CVE-2026-53467: allocated memory left unchanged in the MNG decoder can lead to a heap information disclosure...
Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3786 (ALAS-2026-3786)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3786 advisory. ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data wher...
DEBIAN-CVE-2026-56379
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering...
CVE-2026-56379
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering...
UBUNTU-CVE-2026-56379
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering...
CVE-2026-56379 ImageMagick - Command Injection via SVG Decoder
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering...