49 matches found
CLSA-2026-1777395318 ImageMagick: Fix of 2 CVEs
CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...
CLSA-2026-1777395036 ImageMagick: Fix of 2 CVEs
CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...
CLSA-2026-1777394326 ImageMagick: Fix of 2 CVEs
CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...
CLSA-2026-1777323301 Fix CVE(s): CVE-2026-33900, CVE-2026-33905
SECURITY UPDATE: out-of-bounds heap write in VIFF encoder due to integer truncation on 32-bit builds - debian/patches/CVE-2026-33900.patch: add overflow check in WriteVIFFImage to reject packets values that truncate when cast to sizet, preventing a heap write beyond the allocated buffer -...
SUSE SLES15 Security Update : ImageMagick (SUSE-SU-2026:1597-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1597-1 advisory. - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via...
SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2026:1596-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1596-1 advisory. - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via integer truncati...
CLSA-2026-1777070517 Fix CVE(s): CVE-2026-33900, CVE-2026-33905
SECURITY UPDATE: integer truncation in VIFF encoder leading to out-of-bounds heap write - debian/patches/CVE-2026-33900.patch: add truncation check before AcquireVirtualMemory call in WriteVIFFImage in coders/viff.c - CVE-2026-33900 SECURITY UPDATE: out-of-bounds read in SampleImage via...
SUSE-SU-2026:1598-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. - CVE-2026-33901: Denial of Service due to heap buffer overflow in...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG...
SUSE-SU-2026:1597-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. - CVE-2026-33901: Denial of Service due to heap buffer overflow in...
SUSE-SU-2026:21380-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-32259: stack out-of-bounds write due to a memory allocation failure in the sixel encoder can lead to a crash bsc1259612. - CVE-2026-32636: out-of-bounds write of a single zero byte due to bug the NewXMLTree method can lead to deni...
OPENSUSE-SU-2026:20606-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-32259: stack out-of-bounds write due to a memory allocation failure in the sixel encoder can lead to a crash bsc1259612. - CVE-2026-32636: out-of-bounds write of a single zero byte due to bug the NewXMLTree method can lead to deni...
OESA-2026-1916 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
SUSE CVE-2026-33900
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write, potentially causing a...
Linux Distros Unpatched Vulnerability : CVE-2026-33900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the viff encoder on 32-bit builds. An attacker can cause a heap out-of-bounds write by providing specially crafted input files. Remediation A fix was pushed into the master branch but not yet published...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...