rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
Vulnerabilities (89)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-53464 | Med | 4.0 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25. | |
| CVE-2026-53463 | Med | 4.3 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-5 | |
| CVE-2026-53460 | Hig | 7.5 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in ver | |
| CVE-2026-49218 | Hig | 7.5 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This issue | |
| CVE-2026-48994 | Med | 5.9 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in v | |
| CVE-2026-48734 | Med | 5.5 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13 | |
| CVE-2026-47166 | Med | 5.7 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been | |
| CVE-2026-47165 | Med | 4.1 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate without a challenge–response authentication model. This has been changed in vers | |
| CVE-2026-46693 | Med | 4.1 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is m | |
| CVE-2026-46692 | Med | 4.1 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been | |
| CVE-2026-46559 | Med | 4.0 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been pa | |
| CVE-2026-46521 | Med | 5.5 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in version | |
| CVE-2026-46523 | Med | 6.2 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue. | |
| CVE-2026-46522 | Hig | 7.5 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9. | |
| CVE-2026-46520 | Hig | 7.5 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 | |
| CVE-2026-45664 | Med | 5.3 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excess | |
| CVE-2026-45624 | Med | 5.1 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments. This issue has bee | |
| CVE-2026-45359 | Med | 5.7 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This | |
| CVE-2026-45031 | Med | 5.3 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in the PSD decoder it would be possible to bypass the list-length resource policy when decoding a PSD image. Other secur | |
| CVE-2026-42326 | Med | 5.1 | < 7.1.0.9-150400.6.87.1 | 7.1.0.9-150400.6.87.1 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. This issue has been patched in vers |
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25.
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-5
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in ver
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This issue
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in v
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate without a challenge–response authentication model. This has been changed in vers
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is m
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been pa
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in version
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue.
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excess
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments. This issue has bee
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in the PSD decoder it would be possible to bypass the list-length resource policy when decoding a PSD image. Other secur
- affected < 7.1.0.9-150400.6.87.1fixed 7.1.0.9-150400.6.87.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. This issue has been patched in vers
Page 1 of 5