CLSA-2026-1773923672

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773923672.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1773923672
Upstream
Published
2026-03-19T15:02:22Z
Modified
2026-06-01T00:33:27.077887870Z
Summary
ImageMagick: Fix of 11 CVEs
Details
  • CVE-2026-25797: fix PostScript/HTML code injection via unsanitized filenames
  • CVE-2026-25982: fix heap out-of-bounds read in DICOM colormap decoder
  • CVE-2026-25968: fix stack buffer overflow in MSL opacity attribute processing
  • CVE-2026-25986: fix heap buffer overflow write in YUV 4:2:2 decoder
  • CVE-2026-25987: fix heap buffer over-read in MAP image decoder
  • CVE-2026-25970: fix signed integer overflow in SIXEL decoder
  • CVE-2026-23952: fix NULL pointer dereference in MSL comment/label handlers
  • CVE-2026-30883: fix heap buffer overflow in PNG profile writer
  • CVE-2026-25988: fix MSL stack index not updated causing memory leak
  • CVE-2026-27798: fix heap buffer over-read in WaveletDenoiseImage
  • CVE-2026-25965: fix path traversal bypassing security policy
References

Affected packages

TuxCare:OracleLinux:7
ImageMagick

Package

Name
ImageMagick
Purl
pkg:rpm/tuxcare/ImageMagick?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.10.68-7.0.3.el7_9.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773923672.json"
ImageMagick-c++

Package

Name
ImageMagick-c++
Purl
pkg:rpm/tuxcare/ImageMagick-c++?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.10.68-7.0.3.el7_9.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773923672.json"
ImageMagick-c++-devel

Package

Name
ImageMagick-c++-devel
Purl
pkg:rpm/tuxcare/ImageMagick-c++-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.10.68-7.0.3.el7_9.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773923672.json"
ImageMagick-devel

Package

Name
ImageMagick-devel
Purl
pkg:rpm/tuxcare/ImageMagick-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.10.68-7.0.3.el7_9.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773923672.json"
ImageMagick-doc

Package

Name
ImageMagick-doc
Purl
pkg:rpm/tuxcare/ImageMagick-doc?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.10.68-7.0.3.el7_9.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773923672.json"
ImageMagick-perl

Package

Name
ImageMagick-perl
Purl
pkg:rpm/tuxcare/ImageMagick-perl?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.10.68-7.0.3.el7_9.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773923672.json"