SUSE-SU-2026:0854-1
Vulnerability from csaf_suse - Published: 2026-03-09 15:34 - Updated: 2026-03-09 15:34Summary
Security update for ImageMagick
Severity
Moderate
Notes
Title of the patch: Security update for ImageMagick
Description of the patch: This update for ImageMagick fixes the following issues:
- CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion (bsc#1258790).
- CVE-2026-24485: denial of service via malformed PCD file processing (bsc#1258791).
- CVE-2026-25576: Out of bounds read in multiple coders that read raw pixel data (bsc#1258748).
- CVE-2026-25795: Denial of Service due to NULL pointer dereference during temporary file creation failure
(bsc#1258792).
- CVE-2026-25796: Memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths
(bsc#1258757).
- CVE-2026-25797: Code injection in various encoders (bsc#1258770).
- CVE-2026-25799: Division-by-Zero in YUV sampling factor validation leads to crash (bsc#1258786).
- CVE-2026-25966: Security Policy Bypass through config/policy-secure.xml via 'fd handler' leads to stdin/stdout access
(bsc#1258780).
- CVE-2026-25983: Denial of service via crafted MSL script (bsc#1258805).
- CVE-2026-25987: Memory disclosure and denial of service via crafted MAP files (bsc#1258821).
- CVE-2026-25988: Denial of Service due to memory leak in image processing (bsc#1258810).
- CVE-2026-26066: Infinite loop when writing IPTCTEXT leads to denial of service via crafted profile (bsc#1258769).
- CVE-2026-26284: Heap overflow in pcd decoder leads to out of bounds read (bsc#1258765).
- CVE-2026-26983: Invalid MSL <map> can result in a use after free (bsc#1258763).
- CVE-2026-27799: ImageMagick has a heap Buffer Over-read in its DJVU image format handler (bsc#1259017).
Patchnames: SUSE-2026-854,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-854
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ImageMagick",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ImageMagick fixes the following issues:\n\n- CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion (bsc#1258790).\n- CVE-2026-24485: denial of service via malformed PCD file processing (bsc#1258791).\n- CVE-2026-25576: Out of bounds read in multiple coders that read raw pixel data (bsc#1258748).\n- CVE-2026-25795: Denial of Service due to NULL pointer dereference during temporary file creation failure\n (bsc#1258792).\n- CVE-2026-25796: Memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths\n (bsc#1258757).\n- CVE-2026-25797: Code injection in various encoders (bsc#1258770).\n- CVE-2026-25799: Division-by-Zero in YUV sampling factor validation leads to crash (bsc#1258786).\n- CVE-2026-25966: Security Policy Bypass through config/policy-secure.xml via \u0027fd handler\u0027 leads to stdin/stdout access\n (bsc#1258780).\n- CVE-2026-25983: Denial of service via crafted MSL script (bsc#1258805).\n- CVE-2026-25987: Memory disclosure and denial of service via crafted MAP files (bsc#1258821).\n- CVE-2026-25988: Denial of Service due to memory leak in image processing (bsc#1258810).\n- CVE-2026-26066: Infinite loop when writing IPTCTEXT leads to denial of service via crafted profile (bsc#1258769).\n- CVE-2026-26284: Heap overflow in pcd decoder leads to out of bounds read (bsc#1258765).\n- CVE-2026-26983: Invalid MSL \u003cmap\u003e can result in a use after free (bsc#1258763).\n- CVE-2026-27799: ImageMagick has a heap Buffer Over-read in its DJVU image format handler (bsc#1259017).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-854,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-854",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0854-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0854-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260854-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0854-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024662.html"
},
{
"category": "self",
"summary": "SUSE Bug 1258748",
"url": "https://bugzilla.suse.com/1258748"
},
{
"category": "self",
"summary": "SUSE Bug 1258757",
"url": "https://bugzilla.suse.com/1258757"
},
{
"category": "self",
"summary": "SUSE Bug 1258763",
"url": "https://bugzilla.suse.com/1258763"
},
{
"category": "self",
"summary": "SUSE Bug 1258765",
"url": "https://bugzilla.suse.com/1258765"
},
{
"category": "self",
"summary": "SUSE Bug 1258769",
"url": "https://bugzilla.suse.com/1258769"
},
{
"category": "self",
"summary": "SUSE Bug 1258770",
"url": "https://bugzilla.suse.com/1258770"
},
{
"category": "self",
"summary": "SUSE Bug 1258780",
"url": "https://bugzilla.suse.com/1258780"
},
{
"category": "self",
"summary": "SUSE Bug 1258786",
"url": "https://bugzilla.suse.com/1258786"
},
{
"category": "self",
"summary": "SUSE Bug 1258790",
"url": "https://bugzilla.suse.com/1258790"
},
{
"category": "self",
"summary": "SUSE Bug 1258791",
"url": "https://bugzilla.suse.com/1258791"
},
{
"category": "self",
"summary": "SUSE Bug 1258792",
"url": "https://bugzilla.suse.com/1258792"
},
{
"category": "self",
"summary": "SUSE Bug 1258805",
"url": "https://bugzilla.suse.com/1258805"
},
{
"category": "self",
"summary": "SUSE Bug 1258810",
"url": "https://bugzilla.suse.com/1258810"
},
{
"category": "self",
"summary": "SUSE Bug 1258821",
"url": "https://bugzilla.suse.com/1258821"
},
{
"category": "self",
"summary": "SUSE Bug 1259017",
"url": "https://bugzilla.suse.com/1259017"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24484 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24485 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25576 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25795 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25796 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25797 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25799 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25966 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25983 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25987 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25988 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26066 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26284 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26983 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27799 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27799/"
}
],
"title": "Security update for ImageMagick",
"tracking": {
"current_release_date": "2026-03-09T15:34:51Z",
"generator": {
"date": "2026-03-09T15:34:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0854-1",
"initial_release_date": "2026-03-09T15:34:51Z",
"revision_history": [
{
"date": "2026-03-09T15:34:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "ImageMagick-6.8.8.1-71.231.1.aarch64",
"product_id": "ImageMagick-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.aarch64",
"product_id": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.aarch64",
"product_id": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.231.1.aarch64",
"product_id": "ImageMagick-devel-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "ImageMagick-extra-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "ImageMagick-extra-6.8.8.1-71.231.1.aarch64",
"product_id": "ImageMagick-extra-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.aarch64",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.231.1.aarch64",
"product_id": "libMagick++-devel-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.aarch64",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.aarch64",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.aarch64"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.231.1.aarch64",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.231.1.aarch64",
"product_id": "perl-PerlMagick-6.8.8.1-71.231.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-devel-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product": {
"name": "ImageMagick-devel-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product_id": "ImageMagick-devel-64bit-6.8.8.1-71.231.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product": {
"name": "libMagick++-6_Q16-3-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product_id": "libMagick++-6_Q16-3-64bit-6.8.8.1-71.231.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product": {
"name": "libMagick++-devel-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product_id": "libMagick++-devel-64bit-6.8.8.1-71.231.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product": {
"name": "libMagickCore-6_Q16-1-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product_id": "libMagickCore-6_Q16-1-64bit-6.8.8.1-71.231.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product": {
"name": "libMagickWand-6_Q16-1-64bit-6.8.8.1-71.231.1.aarch64_ilp32",
"product_id": "libMagickWand-6_Q16-1-64bit-6.8.8.1-71.231.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.231.1.i586",
"product": {
"name": "ImageMagick-6.8.8.1-71.231.1.i586",
"product_id": "ImageMagick-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.i586",
"product": {
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.i586",
"product_id": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.i586",
"product": {
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.i586",
"product_id": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.231.1.i586",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.231.1.i586",
"product_id": "ImageMagick-devel-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "ImageMagick-extra-6.8.8.1-71.231.1.i586",
"product": {
"name": "ImageMagick-extra-6.8.8.1-71.231.1.i586",
"product_id": "ImageMagick-extra-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.i586",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.i586",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.231.1.i586",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.231.1.i586",
"product_id": "libMagick++-devel-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.i586",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.i586",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.i586",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.i586",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.i586"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.231.1.i586",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.231.1.i586",
"product_id": "perl-PerlMagick-6.8.8.1-71.231.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-doc-6.8.8.1-71.231.1.noarch",
"product": {
"name": "ImageMagick-doc-6.8.8.1-71.231.1.noarch",
"product_id": "ImageMagick-doc-6.8.8.1-71.231.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "ImageMagick-6.8.8.1-71.231.1.ppc64le",
"product_id": "ImageMagick-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.ppc64le",
"product_id": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.ppc64le",
"product_id": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.231.1.ppc64le",
"product_id": "ImageMagick-devel-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ImageMagick-extra-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "ImageMagick-extra-6.8.8.1-71.231.1.ppc64le",
"product_id": "ImageMagick-extra-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.ppc64le",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.231.1.ppc64le",
"product_id": "libMagick++-devel-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.ppc64le",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.ppc64le",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.231.1.ppc64le",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.231.1.ppc64le",
"product_id": "perl-PerlMagick-6.8.8.1-71.231.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.231.1.s390",
"product": {
"name": "ImageMagick-6.8.8.1-71.231.1.s390",
"product_id": "ImageMagick-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.s390",
"product": {
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.s390",
"product_id": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.s390",
"product": {
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.s390",
"product_id": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.231.1.s390",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.231.1.s390",
"product_id": "ImageMagick-devel-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "ImageMagick-extra-6.8.8.1-71.231.1.s390",
"product": {
"name": "ImageMagick-extra-6.8.8.1-71.231.1.s390",
"product_id": "ImageMagick-extra-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.s390",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.s390",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.231.1.s390",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.231.1.s390",
"product_id": "libMagick++-devel-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.s390",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.s390",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.s390",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.s390",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.s390"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.231.1.s390",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.231.1.s390",
"product_id": "perl-PerlMagick-6.8.8.1-71.231.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.231.1.s390x",
"product": {
"name": "ImageMagick-6.8.8.1-71.231.1.s390x",
"product_id": "ImageMagick-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.s390x",
"product": {
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.s390x",
"product_id": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.s390x",
"product": {
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.s390x",
"product_id": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.231.1.s390x",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.231.1.s390x",
"product_id": "ImageMagick-devel-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-32bit-6.8.8.1-71.231.1.s390x",
"product": {
"name": "ImageMagick-devel-32bit-6.8.8.1-71.231.1.s390x",
"product_id": "ImageMagick-devel-32bit-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "ImageMagick-extra-6.8.8.1-71.231.1.s390x",
"product": {
"name": "ImageMagick-extra-6.8.8.1-71.231.1.s390x",
"product_id": "ImageMagick-extra-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.s390x",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-32bit-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagick++-6_Q16-3-32bit-6.8.8.1-71.231.1.s390x",
"product_id": "libMagick++-6_Q16-3-32bit-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.231.1.s390x",
"product_id": "libMagick++-devel-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-32bit-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagick++-devel-32bit-6.8.8.1-71.231.1.s390x",
"product_id": "libMagick++-devel-32bit-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.s390x",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.231.1.s390x",
"product_id": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.s390x",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-32bit-6.8.8.1-71.231.1.s390x",
"product": {
"name": "libMagickWand-6_Q16-1-32bit-6.8.8.1-71.231.1.s390x",
"product_id": "libMagickWand-6_Q16-1-32bit-6.8.8.1-71.231.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.231.1.s390x",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.231.1.s390x",
"product_id": "perl-PerlMagick-6.8.8.1-71.231.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "ImageMagick-6.8.8.1-71.231.1.x86_64",
"product_id": "ImageMagick-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"product_id": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"product_id": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"product_id": "ImageMagick-devel-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-32bit-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "ImageMagick-devel-32bit-6.8.8.1-71.231.1.x86_64",
"product_id": "ImageMagick-devel-32bit-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "ImageMagick-extra-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "ImageMagick-extra-6.8.8.1-71.231.1.x86_64",
"product_id": "ImageMagick-extra-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-32bit-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagick++-6_Q16-3-32bit-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagick++-6_Q16-3-32bit-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagick++-devel-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-32bit-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagick++-devel-32bit-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagick++-devel-32bit-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-32bit-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "libMagickWand-6_Q16-1-32bit-6.8.8.1-71.231.1.x86_64",
"product_id": "libMagickWand-6_Q16-1-32bit-6.8.8.1-71.231.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.231.1.x86_64",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.231.1.x86_64",
"product_id": "perl-PerlMagick-6.8.8.1-71.231.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64"
},
"product_reference": "ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64"
},
"product_reference": "ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.8.8.1-71.231.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64"
},
"product_reference": "ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.8.8.1-71.231.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64"
},
"product_reference": "libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-24484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24484"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24484",
"url": "https://www.suse.com/security/cve/CVE-2026-24484"
},
{
"category": "external",
"summary": "SUSE Bug 1258790 for CVE-2026-24484",
"url": "https://bugzilla.suse.com/1258790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-24484"
},
{
"cve": "CVE-2026-24485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24485"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the Sync marker, causing the program to become unresponsive and continuously consume CPU resources, ultimately leading to system resource exhaustion and denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24485",
"url": "https://www.suse.com/security/cve/CVE-2026-24485"
},
{
"category": "external",
"summary": "SUSE Bug 1258791 for CVE-2026-24485",
"url": "https://bugzilla.suse.com/1258791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-24485"
},
{
"cve": "CVE-2026-25576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25576"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25576",
"url": "https://www.suse.com/security/cve/CVE-2026-25576"
},
{
"category": "external",
"summary": "SUSE Bug 1258748 for CVE-2026-25576",
"url": "https://bugzilla.suse.com/1258748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25576"
},
{
"cve": "CVE-2026-25795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25795"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSFWImage()` (`coders/sfw.c`), when temporary file creation fails, `read_info` is destroyed before its `filename` member is accessed, causing a NULL pointer dereference and crash. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25795",
"url": "https://www.suse.com/security/cve/CVE-2026-25795"
},
{
"category": "external",
"summary": "SUSE Bug 1258792 for CVE-2026-25795",
"url": "https://bugzilla.suse.com/1258792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25795"
},
{
"cve": "CVE-2026-25796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25796"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25796",
"url": "https://www.suse.com/security/cve/CVE-2026-25796"
},
{
"category": "external",
"summary": "SUSE Bug 1258757 for CVE-2026-25796",
"url": "https://bugzilla.suse.com/1258757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25796"
},
{
"cve": "CVE-2026-25797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25797"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a malicous file and inject arbitrary PostScript code. When the resulting file is processed by a printer or a viewer (like Ghostscript), the injected code is interpreted and executed. The html encoder does not properly escape strings that are written to in the html document. An attacker can provide a malicious file and injection arbitrary html code. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25797",
"url": "https://www.suse.com/security/cve/CVE-2026-25797"
},
{
"category": "external",
"summary": "SUSE Bug 1258770 for CVE-2026-25797",
"url": "https://bugzilla.suse.com/1258770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25797"
},
{
"cve": "CVE-2026-25799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25799"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resulting in a reliable denial-of-service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25799",
"url": "https://www.suse.com/security/cve/CVE-2026-25799"
},
{
"category": "external",
"summary": "SUSE Bug 1258786 for CVE-2026-25799",
"url": "https://bugzilla.suse.com/1258786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25799"
},
{
"cve": "CVE-2026-25966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25966"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped \"secure\" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd:\u003cn\u003e pseudo-filenames (e.g., fd:0, fd:1). Prior to versions 7.1.2-15 and 6.9.13-40, this path form is not blocked by the secure policy templates, and therefore bypasses the protection goal of \"no stdin/stdout.\" Versions 7.1.2-15 and 6.9.13-40 contain a patch by including a change to the more secure policies by default. As a workaround, add the change to one\u0027s security policy manually.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25966",
"url": "https://www.suse.com/security/cve/CVE-2026-25966"
},
{
"category": "external",
"summary": "SUSE Bug 1258780 for CVE-2026-25966",
"url": "https://bugzilla.suse.com/1258780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25966"
},
{
"cve": "CVE-2026-25983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25983"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25983",
"url": "https://www.suse.com/security/cve/CVE-2026-25983"
},
{
"category": "external",
"summary": "SUSE Bug 1258805 for CVE-2026-25983",
"url": "https://bugzilla.suse.com/1258805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25983"
},
{
"cve": "CVE-2026-25987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25987"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclosure during image decoding. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25987",
"url": "https://www.suse.com/security/cve/CVE-2026-25987"
},
{
"category": "external",
"summary": "SUSE Bug 1258821 for CVE-2026-25987",
"url": "https://bugzilla.suse.com/1258821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25987"
},
{
"cve": "CVE-2026-25988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25988"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25988",
"url": "https://www.suse.com/security/cve/CVE-2026-25988"
},
{
"category": "external",
"summary": "SUSE Bug 1258810 for CVE-2026-25988",
"url": "https://bugzilla.suse.com/1258810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-25988"
},
{
"cve": "CVE-2026-26066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26066"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26066",
"url": "https://www.suse.com/security/cve/CVE-2026-26066"
},
{
"category": "external",
"summary": "SUSE Bug 1258769 for CVE-2026-26066",
"url": "https://bugzilla.suse.com/1258769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-26066"
},
{
"cve": "CVE-2026-26284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26284"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD (Photo CD) files. The decoder contains an function that has an incorrect initialization that could cause an out of bounds read. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26284",
"url": "https://www.suse.com/security/cve/CVE-2026-26284"
},
{
"category": "external",
"summary": "SUSE Bug 1258765 for CVE-2026-26284",
"url": "https://bugzilla.suse.com/1258765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-26284"
},
{
"cve": "CVE-2026-26983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26983"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid `\u003cmap\u003e` element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26983",
"url": "https://www.suse.com/security/cve/CVE-2026-26983"
},
{
"category": "external",
"summary": "SUSE Bug 1258763 for CVE-2026-26983",
"url": "https://bugzilla.suse.com/1258763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-26983"
},
{
"cve": "CVE-2026-27799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27799"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in an out-of-bounds memory reads. Versions 7.1.2-15 and 6.9.13-40 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27799",
"url": "https://www.suse.com/security/cve/CVE-2026-27799"
},
{
"category": "external",
"summary": "SUSE Bug 1259017 for CVE-2026-27799",
"url": "https://bugzilla.suse.com/1259017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ImageMagick-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagick++-devel-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.231.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.231.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-09T15:34:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-27799"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…