Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3278 (ALAS-2026-3278)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3278 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 a...

CLSA-2026-1777395318 ImageMagick: Fix of 2 CVEs

CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...

CLSA-2026-1777395036 ImageMagick: Fix of 2 CVEs

CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...

CLSA-2026-1777394326 ImageMagick: Fix of 2 CVEs

CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...

CLSA-2026-1777323301 Fix CVE(s): CVE-2026-33900, CVE-2026-33905

SECURITY UPDATE: out-of-bounds heap write in VIFF encoder due to integer truncation on 32-bit builds - debian/patches/CVE-2026-33900.patch: add overflow check in WriteVIFFImage to reject packets values that truncate when cast to sizet, preventing a heap write beyond the allocated buffer -...

CLSA-2026-1777044608 ImageMagick: Fix of 5 CVEs

CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds - CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define - CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit...

SUSE CVE-2026-33905

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read...

GHSA-PCVX-PH33-R5VV ImageMagick has an out-of-bounds read in sample operation

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read...

EUVD-2026-22108

ImageMagick has an out-of-bounds read in sample operation...

Linux Distros Unpatched Vulnerability : CVE-2026-33905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample...

CVE-2026-33905

A flaw was found in ImageMagick. This vulnerability allows a local user to cause a denial of service DoS by providing a specially crafted image that exploits an out-of-bounds read during the -sample operation when a specific offset is set through the sample:offset define. This can lead to...

CVE-2026-33905

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read...

DEBIAN-CVE-2026-33905

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read...

UBUNTU-CVE-2026-33905

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read...

CVE-2026-33905

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read...

Out-of-bounds Read

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Out-of-bounds Read

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the -sample operation when a specific offset is set through the sample:offset define. An attacker can cause a denial of service by providing crafted input that triggers an out-of-bounds read. Remediation A fix was...