CLSA-2026-1774027715 Fix CVE(s): CVE-2026-30883

SECURITY UPDATE: heap over-write in PNG raw profile writer - debian/patches/CVE-2026-30883.patch: add overflow check for allocatedlength in Magickpngwriterawprofile to prevent integer overflow leading to heap over-write - CVE-2026-30883...

0day-buffer-overflow-in-exiv2

PoC and patch for heap-buffer-overflow in PngChunk::readRawProf...

SUSE CVE-2019-19949

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magickpngwriterawprofile and LocaleNCompare...

DEBIAN-CVE-2019-19949

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magickpngwriterawprofile and LocaleNCompare...

UBUNTU-CVE-2018-19535

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunkint.cpp may cause a denial of service application crash due to a heap-based buffer over-read via a crafted PNG file...

ImageMagick 'Magick_png_read_raw_profile' function heap buffer overflow vulnerability

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A heap buffer overflow vulnerability exists in the 'Magickpngreadrawprofile' function in the coders/png.c file in...