rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS
Vulnerabilities (90)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-24485 | — | < 7.1.1.21-150600.3.42.2 | 7.1.1.21-150600.3.42.2 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the Sy | ||
| CVE-2026-24484 | — | < 7.1.1.21-150600.3.42.2 | 7.1.1.21-150600.3.42.2 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch. | ||
| CVE-2026-24481 | — | < 7.1.1.21-150600.3.42.2 | 7.1.1.21-150600.3.42.2 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD (Adobe Photoshop) format handler. When processing a maliciously crafted | ||
| CVE-2026-23952 | — | < 7.1.1.21-150600.3.38.1 | 7.1.1.21-150600.3.38.1 | Jan 22, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing tags before images are loaded. This can | ||
| CVE-2026-23876 | — | < 7.1.1.21-150600.3.38.1 | 7.1.1.21-150600.3.38.1 | Jan 20, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder (ReadXBMImage) allows an attacker to write controlled data past the allocated hea | ||
| CVE-2026-23874 | — | < 7.1.1.21-150600.3.38.1 | 7.1.1.21-150600.3.38.1 | Jan 20, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL (Magick Scripting Language) `` command when writing to MSL format. Version 7.1.2-13 fixes the issue | ||
| CVE-2026-22770 | — | < 7.1.1.21-150600.3.38.1 | 7.1.1.21-150600.3.38.1 | Jan 20, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initializ | ||
| CVE-2025-68469 | — | < 7.1.0.9-150400.6.58.1 | 7.1.0.9-150400.6.58.1 | Dec 18, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue. | ||
| CVE-2025-66628 | — | < 7.1.1.21-150600.3.32.1 | 7.1.1.21-150600.3.32.1 | Dec 10, 2025 | ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bi | ||
| CVE-2025-65955 | — | < 7.1.1.21-150600.3.32.1 | 7.1.1.21-150600.3.32.1 | Dec 2, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family |
- CVE-2026-24485Feb 24, 2026affected < 7.1.1.21-150600.3.42.2fixed 7.1.1.21-150600.3.42.2
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the Sy
- CVE-2026-24484Feb 24, 2026affected < 7.1.1.21-150600.3.42.2fixed 7.1.1.21-150600.3.42.2
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
- CVE-2026-24481Feb 24, 2026affected < 7.1.1.21-150600.3.42.2fixed 7.1.1.21-150600.3.42.2
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD (Adobe Photoshop) format handler. When processing a maliciously crafted
- CVE-2026-23952Jan 22, 2026affected < 7.1.1.21-150600.3.38.1fixed 7.1.1.21-150600.3.38.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing tags before images are loaded. This can
- CVE-2026-23876Jan 20, 2026affected < 7.1.1.21-150600.3.38.1fixed 7.1.1.21-150600.3.38.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder (ReadXBMImage) allows an attacker to write controlled data past the allocated hea
- CVE-2026-23874Jan 20, 2026affected < 7.1.1.21-150600.3.38.1fixed 7.1.1.21-150600.3.38.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL (Magick Scripting Language) `` command when writing to MSL format. Version 7.1.2-13 fixes the issue
- CVE-2026-22770Jan 20, 2026affected < 7.1.1.21-150600.3.38.1fixed 7.1.1.21-150600.3.38.1
ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initializ
- CVE-2025-68469Dec 18, 2025affected < 7.1.0.9-150400.6.58.1fixed 7.1.0.9-150400.6.58.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue.
- CVE-2025-66628Dec 10, 2025affected < 7.1.1.21-150600.3.32.1fixed 7.1.1.21-150600.3.32.1
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bi
- CVE-2025-65955Dec 2, 2025affected < 7.1.1.21-150600.3.32.1fixed 7.1.1.21-150600.3.32.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family
Page 5 of 5