CLSA-2026-1777394326

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1777394326
Upstream
  • CVE-2026-33900
  • CVE-2026-33905
Published
2026-04-28T16:38:50Z
Modified
2026-06-01T00:33:14.385818807Z
Summary
ImageMagick: Fix of 2 CVEs
Details
  • CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds (GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9)
  • CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define (GHSA-pcvx-ph33-r5vv; upstream 140fc7b01fa7d870b3bc8453fb7adccfb7c1e202 with follow-up 8d73954bf7e13a352e71a32cf7d18905577f17e8)
References

Affected packages

TuxCare:CentOS-Stream:8
ImageMagick

Package

Name
ImageMagick
Purl
pkg:rpm/tuxcare/ImageMagick?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"
ImageMagick-c++

Package

Name
ImageMagick-c++
Purl
pkg:rpm/tuxcare/ImageMagick-c++?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"
ImageMagick-c++-devel

Package

Name
ImageMagick-c++-devel
Purl
pkg:rpm/tuxcare/ImageMagick-c++-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"
ImageMagick-devel

Package

Name
ImageMagick-devel
Purl
pkg:rpm/tuxcare/ImageMagick-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"
ImageMagick-djvu

Package

Name
ImageMagick-djvu
Purl
pkg:rpm/tuxcare/ImageMagick-djvu?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"
ImageMagick-doc

Package

Name
ImageMagick-doc
Purl
pkg:rpm/tuxcare/ImageMagick-doc?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"
ImageMagick-libs

Package

Name
ImageMagick-libs
Purl
pkg:rpm/tuxcare/ImageMagick-libs?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"
ImageMagick-perl

Package

Name
ImageMagick-perl
Purl
pkg:rpm/tuxcare/ImageMagick-perl?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.13.25-1.el8.tuxcare.els28

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777394326.json"