CLSA-2026-1777046565

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1777046565.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1777046565

Upstream

CVE-2026-33900

CVE-2026-33905

CVE-2026-34238

CVE-2026-40310

CVE-2026-40311

Published

2026-04-24T16:02:49Z

Modified

2026-06-01T00:33:20.241594262Z

Summary

ImageMagick: Fix of 5 CVEs

Details

CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds
CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define
CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit builds
CVE-2026-40310: fix heap out-of-bounds write in JP2 encoder on invalid sampling index
CVE-2026-40311: fix heap use-after-free reading and printing values from an invalid XMP profile

References

https://errata.tuxcare.com/els_os/rhel7els/CLSA-2026-1777046565.html

Affected packages

TuxCare:RHEL:7

ImageMagick

Package

Name: ImageMagick
Purl: pkg:rpm/tuxcare/ImageMagick?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10.68-7.0.3.el7_9.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1777046565.json"

ImageMagick-c++

Package

Name: ImageMagick-c++
Purl: pkg:rpm/tuxcare/ImageMagick-c++?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10.68-7.0.3.el7_9.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1777046565.json"

ImageMagick-c++-devel

Package

Name: ImageMagick-c++-devel
Purl: pkg:rpm/tuxcare/ImageMagick-c++-devel?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10.68-7.0.3.el7_9.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1777046565.json"

ImageMagick-devel

Package

Name: ImageMagick-devel
Purl: pkg:rpm/tuxcare/ImageMagick-devel?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10.68-7.0.3.el7_9.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1777046565.json"

ImageMagick-doc

Package

Name: ImageMagick-doc
Purl: pkg:rpm/tuxcare/ImageMagick-doc?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10.68-7.0.3.el7_9.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1777046565.json"

ImageMagick-perl

Package

Name: ImageMagick-perl
Purl: pkg:rpm/tuxcare/ImageMagick-perl?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10.68-7.0.3.el7_9.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1777046565.json"