CLSA-2026-1777641731 ImageMagick: Fix of CVE-2026-24481

CVE-2026-24481: heap information disclosure in PSD format handler via uninitialized memory in ZIP-compressed layer data...

CLSA-2026-1773668222 Fix CVE(s): CVE-2026-24481

SECURITY UPDATE: heap information disclosure in PSD handler - debian/patches/CVE-2026-24481.patch: zero-initialize pixel buffer in ReadPSDChannelZip to prevent heap info leak when ZIP-compressed layer data decompresses to fewer bytes than expected - CVE-2026-24481...

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

FreeBSD : ImageMagick -- PSD handler heap overflow vulnerability (597e2bee-68ea-11d9-a9e7-0001020eed82)

An iDEFENSE Security Advisory reports : Remote exploitation of a buffer overflow vulnerability in The ImageMagick's Project's ImageMagick PSD image-decoding module could allow an attacker to execute arbitrary code. Exploitation may allow attackers to run arbitrary code on a victim's computer if t...

ImageMagick -- PSD handler heap overflow vulnerability

An iDEFENSE Security Advisory reports: Remote exploitation of a buffer overflow vulnerability in The ImageMagick's Project's ImageMagick PSD image-decoding module could allow an attacker to execute arbitrary code. Exploitation may allow attackers to run arbitrary code on a victim's computer if th...