SUSE-SU-2026:1596-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. - CVE-2026-33905: Denial of service via out-of-bounds read in -samp...

GHSA-R83H-CRWP-3VM7 ImageMagick has a heap-use-after-free via XMP profile could result in a crash when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values...

ImageMagick has a heap-use-after-free via XMP profile could result in a crash when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values...

Use After Free

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVE-2026-40311

A flaw was found in ImageMagick. This heap use-after-free vulnerability can be triggered when processing an invalid XMP Extensible Metadata Platform profile. An attacker could craft a malicious image file that, when read and processed by ImageMagick, may lead to a crash, resulting in a denial of...

CVE-2026-40311

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has been fixed in versio...

CVE-2026-40311 ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has been fixed in versio...

Infinite loop

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...