Astra Linux - уязвимость в poppler, poppler-22

Before version 25.04.0, crafted input files could cause out-of-bounds reads in the JBIG2Bitmap::combine function within JBIG2Stream.cc, due to an improperly placed isOk check...

TencentOS Server 2: ImageMagick (TSSA-2026:0256)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0256 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

SUSE-SU-2026:1497-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. - CVE-2026-28494: missing bounds checks in the...

JLSEC-2026-83

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

JLSEC-2026-80

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

JLSEC-2026-81

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-007074)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007074 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow bsc1259447. CVE-2026-28686:...

SUSE-SU-2026:1203-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow bsc1259447. -...

SUSE-SU-2026:1202-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. - CVE-2026-28494: missing bounds chec...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow bsc1259447...

SUSE-SU-2026:1201-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow bsc1259447. -...

ImageMagick: ImageMagick: Denial of Service via uninitialized pointer dereference in JBIG decoder

A flaw was found in ImageMagick. This vulnerability, an uninitialized pointer dereference, exists in the JBIG decoder due to a missing check. A remote attacker could exploit this by providing a specially crafted image file, leading to a denial of service. This could make the ImageMagick applicati...

Important: Red Hat Security Advisory: ImageMagick security update

An update for ImageMagick is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

RHEL 7 : ImageMagick (RHSA-2026:6713)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6713 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixes...

CLSA-2026-1775121288 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

CLSA-2026-1775121601 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

CLSA-2026-1774999144 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDouble functions - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

CLSA-2026-1774997937 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDouble functions - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference bsc1259455. CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write bsc1259467. Patch...