rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP6
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6
Vulnerabilities (16)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-62594 | — | < 7.1.1.21-150600.3.29.1 | 7.1.1.21-150600.3.29.1 | Oct 27, 2025 | ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsi | ||
| CVE-2025-62171 | — | < 7.1.0.9-150400.6.46.1 | 7.1.0.9-150400.6.46.1 | Oct 17, 2025 | ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c | ||
| CVE-2025-57807 | — | < 7.1.1.21-150600.3.23.1 | 7.1.1.21-150600.3.23.1 | Sep 5, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBl | ||
| CVE-2025-57803 | — | < 7.1.0.9-150400.6.40.1 | 7.1.0.9-150400.6.40.1 | Aug 26, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a | ||
| CVE-2025-55298 | — | < 7.1.0.9-150400.6.40.1 | 7.1.0.9-150400.6.40.1 | Aug 26, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleStrin | ||
| CVE-2025-55212 | — | < 7.1.0.9-150400.6.40.1 | 7.1.0.9-150400.6.40.1 | Aug 26, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage | ||
| CVE-2025-55160 | — | < 7.1.0.9-150400.6.40.1 | 7.1.0.9-150400.6.40.1 | Aug 13, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in s | ||
| CVE-2025-55154 | — | < 7.1.0.9-150400.6.40.1 | 7.1.0.9-150400.6.40.1 | Aug 13, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has b | ||
| CVE-2025-55005 | — | < 7.1.0.9-150400.6.40.1 | 7.1.0.9-150400.6.40.1 | Aug 13, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is l | ||
| CVE-2025-55004 | — | < 7.1.0.9-150400.6.40.1 | 7.1.0.9-150400.6.40.1 | Aug 13, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOn | ||
| CVE-2025-53101 | — | < 7.1.0.9-150400.6.33.1 | 7.1.0.9-150400.6.33.1 | Jul 14, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal poin | ||
| CVE-2025-53019 | — | < 7.1.0.9-150400.6.33.1 | 7.1.0.9-150400.6.33.1 | Jul 14, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory leak. | ||
| CVE-2025-53015 | — | < 7.1.1.21-150600.3.13.1 | 7.1.1.21-150600.3.13.1 | Jul 14, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue. | ||
| CVE-2025-53014 | — | < 7.1.0.9-150400.6.33.1 | 7.1.0.9-150400.6.33.1 | Jul 14, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory a | ||
| CVE-2025-46393 | — | < 7.1.0.9-150400.6.30.1 | 7.1.0.9-150400.6.30.1 | Apr 23, 2025 | In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order). | ||
| CVE-2025-43965 | — | < 7.1.0.9-150400.6.30.1 | 7.1.0.9-150400.6.30.1 | Apr 23, 2025 | In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. |
- CVE-2025-62594Oct 27, 2025affected < 7.1.1.21-150600.3.29.1fixed 7.1.1.21-150600.3.29.1
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsi
- CVE-2025-62171Oct 17, 2025affected < 7.1.0.9-150400.6.46.1fixed 7.1.0.9-150400.6.46.1
ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c
- CVE-2025-57807Sep 5, 2025affected < 7.1.1.21-150600.3.23.1fixed 7.1.1.21-150600.3.23.1
ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBl
- CVE-2025-57803Aug 26, 2025affected < 7.1.0.9-150400.6.40.1fixed 7.1.0.9-150400.6.40.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a
- CVE-2025-55298Aug 26, 2025affected < 7.1.0.9-150400.6.40.1fixed 7.1.0.9-150400.6.40.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleStrin
- CVE-2025-55212Aug 26, 2025affected < 7.1.0.9-150400.6.40.1fixed 7.1.0.9-150400.6.40.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage
- CVE-2025-55160Aug 13, 2025affected < 7.1.0.9-150400.6.40.1fixed 7.1.0.9-150400.6.40.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in s
- CVE-2025-55154Aug 13, 2025affected < 7.1.0.9-150400.6.40.1fixed 7.1.0.9-150400.6.40.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has b
- CVE-2025-55005Aug 13, 2025affected < 7.1.0.9-150400.6.40.1fixed 7.1.0.9-150400.6.40.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is l
- CVE-2025-55004Aug 13, 2025affected < 7.1.0.9-150400.6.40.1fixed 7.1.0.9-150400.6.40.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOn
- CVE-2025-53101Jul 14, 2025affected < 7.1.0.9-150400.6.33.1fixed 7.1.0.9-150400.6.33.1
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal poin
- CVE-2025-53019Jul 14, 2025affected < 7.1.0.9-150400.6.33.1fixed 7.1.0.9-150400.6.33.1
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory leak.
- CVE-2025-53015Jul 14, 2025affected < 7.1.1.21-150600.3.13.1fixed 7.1.1.21-150600.3.13.1
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.
- CVE-2025-53014Jul 14, 2025affected < 7.1.0.9-150400.6.33.1fixed 7.1.0.9-150400.6.33.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory a
- CVE-2025-46393Apr 23, 2025affected < 7.1.0.9-150400.6.30.1fixed 7.1.0.9-150400.6.30.1
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).
- CVE-2025-43965Apr 23, 2025affected < 7.1.0.9-150400.6.30.1fixed 7.1.0.9-150400.6.30.1
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.