CLSA-2026-1777070517

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1777070517
Upstream
  • CVE-2026-33900
  • CVE-2026-33905
Published
2026-04-24T22:42:04Z
Modified
2026-06-04T09:46:33.435909705Z
Summary
Fix CVE(s): CVE-2026-33900, CVE-2026-33905
Details
  • SECURITY UPDATE: integer truncation in VIFF encoder leading to out-of-bounds heap write
    • debian/patches/CVE-2026-33900.patch: add truncation check before AcquireVirtualMemory() call in WriteVIFFImage() in coders/viff.c
    • CVE-2026-33900
  • SECURITY UPDATE: out-of-bounds read in SampleImage via sample:offset define
    • debian/patches/CVE-2026-33905.patch: rewrite SampleImage() in magick/resize.c to compute xoffset/yoffset per pixel and fetch a single virtual pixel instead of indexing a preallocated row buffer
    • CVE-2026-33905
References

Affected packages

TuxCare:Ubuntu:20.04
imagemagick

Package

Name
imagemagick
Purl
pkg:deb/tuxcare/imagemagick?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
imagemagick-6-common

Package

Name
imagemagick-6-common
Purl
pkg:deb/tuxcare/imagemagick-6-common?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
imagemagick-6-doc

Package

Name
imagemagick-6-doc
Purl
pkg:deb/tuxcare/imagemagick-6-doc?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
imagemagick-6.q16

Package

Name
imagemagick-6.q16
Purl
pkg:deb/tuxcare/imagemagick-6.q16?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
imagemagick-6.q16hdri

Package

Name
imagemagick-6.q16hdri
Purl
pkg:deb/tuxcare/imagemagick-6.q16hdri?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
imagemagick-common

Package

Name
imagemagick-common
Purl
pkg:deb/tuxcare/imagemagick-common?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
imagemagick-doc

Package

Name
imagemagick-doc
Purl
pkg:deb/tuxcare/imagemagick-doc?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libimage-magick-perl

Package

Name
libimage-magick-perl
Purl
pkg:deb/tuxcare/libimage-magick-perl?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libimage-magick-q16-perl

Package

Name
libimage-magick-q16-perl
Purl
pkg:deb/tuxcare/libimage-magick-q16-perl?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libimage-magick-q16hdri-perl

Package

Name
libimage-magick-q16hdri-perl
Purl
pkg:deb/tuxcare/libimage-magick-q16hdri-perl?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagick++-6-headers

Package

Name
libmagick++-6-headers
Purl
pkg:deb/tuxcare/libmagick++-6-headers?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagick++-6.q16-8

Package

Name
libmagick++-6.q16-8
Purl
pkg:deb/tuxcare/libmagick++-6.q16-8?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagick++-6.q16-dev

Package

Name
libmagick++-6.q16-dev
Purl
pkg:deb/tuxcare/libmagick++-6.q16-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagick++-6.q16hdri-8

Package

Name
libmagick++-6.q16hdri-8
Purl
pkg:deb/tuxcare/libmagick++-6.q16hdri-8?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagick++-6.q16hdri-dev

Package

Name
libmagick++-6.q16hdri-dev
Purl
pkg:deb/tuxcare/libmagick++-6.q16hdri-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagick++-dev

Package

Name
libmagick++-dev
Purl
pkg:deb/tuxcare/libmagick++-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6-arch-config

Package

Name
libmagickcore-6-arch-config
Purl
pkg:deb/tuxcare/libmagickcore-6-arch-config?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6-headers

Package

Name
libmagickcore-6-headers
Purl
pkg:deb/tuxcare/libmagickcore-6-headers?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6.q16-6

Package

Name
libmagickcore-6.q16-6
Purl
pkg:deb/tuxcare/libmagickcore-6.q16-6?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6.q16-6-extra

Package

Name
libmagickcore-6.q16-6-extra
Purl
pkg:deb/tuxcare/libmagickcore-6.q16-6-extra?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6.q16-dev

Package

Name
libmagickcore-6.q16-dev
Purl
pkg:deb/tuxcare/libmagickcore-6.q16-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6.q16hdri-6

Package

Name
libmagickcore-6.q16hdri-6
Purl
pkg:deb/tuxcare/libmagickcore-6.q16hdri-6?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6.q16hdri-6-extra

Package

Name
libmagickcore-6.q16hdri-6-extra
Purl
pkg:deb/tuxcare/libmagickcore-6.q16hdri-6-extra?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-6.q16hdri-dev

Package

Name
libmagickcore-6.q16hdri-dev
Purl
pkg:deb/tuxcare/libmagickcore-6.q16hdri-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickcore-dev

Package

Name
libmagickcore-dev
Purl
pkg:deb/tuxcare/libmagickcore-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickwand-6-headers

Package

Name
libmagickwand-6-headers
Purl
pkg:deb/tuxcare/libmagickwand-6-headers?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickwand-6.q16-6

Package

Name
libmagickwand-6.q16-6
Purl
pkg:deb/tuxcare/libmagickwand-6.q16-6?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickwand-6.q16-dev

Package

Name
libmagickwand-6.q16-dev
Purl
pkg:deb/tuxcare/libmagickwand-6.q16-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickwand-6.q16hdri-6

Package

Name
libmagickwand-6.q16hdri-6
Purl
pkg:deb/tuxcare/libmagickwand-6.q16hdri-6?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickwand-6.q16hdri-dev

Package

Name
libmagickwand-6.q16hdri-dev
Purl
pkg:deb/tuxcare/libmagickwand-6.q16hdri-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
libmagickwand-dev

Package

Name
libmagickwand-dev
Purl
pkg:deb/tuxcare/libmagickwand-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"
perlmagick

Package

Name
perlmagick
Purl
pkg:deb/tuxcare/perlmagick?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777070517.json"