OESA-2026-2641
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2641
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2026-2641.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2026-2641
- Upstream
- Published
- 2026-06-12T12:25:40Z
- Modified
- 2026-06-12T12:45:09.501925678Z
- Summary
- ImageMagick security update
- Details
-
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.
Security Fix(es):
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.(CVE-2026-53460)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.(CVE-2026-53461)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.(CVE-2026-53462)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.(CVE-2026-53463)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25.(CVE-2026-53464)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25.(CVE-2026-53465)
- Database specific
{ "severity": "High" }- References
-
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2641
- https://nvd.nist.gov/vuln/detail/CVE-2026-53460
- https://nvd.nist.gov/vuln/detail/CVE-2026-53461
- https://nvd.nist.gov/vuln/detail/CVE-2026-53462
- https://nvd.nist.gov/vuln/detail/CVE-2026-53463
- https://nvd.nist.gov/vuln/detail/CVE-2026-53464
- https://nvd.nist.gov/vuln/detail/CVE-2026-53465
Affected packages
openEuler:24.03-LTS-SP1 / ImageMagick
Package
- Name
- ImageMagick
- Purl
- pkg:rpm/openEuler/ImageMagick&distro=openEuler-24.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.1.2.25-1.oe2403sp1
Ecosystem specific
{
"x86_64": [
"ImageMagick-7.1.2.25-1.oe2403sp1.x86_64.rpm",
"ImageMagick-c++-7.1.2.25-1.oe2403sp1.x86_64.rpm",
"ImageMagick-c++-devel-7.1.2.25-1.oe2403sp1.x86_64.rpm",
"ImageMagick-debuginfo-7.1.2.25-1.oe2403sp1.x86_64.rpm",
"ImageMagick-debugsource-7.1.2.25-1.oe2403sp1.x86_64.rpm",
"ImageMagick-devel-7.1.2.25-1.oe2403sp1.x86_64.rpm",
"ImageMagick-perl-7.1.2.25-1.oe2403sp1.x86_64.rpm"
],
"src": [
"ImageMagick-7.1.2.25-1.oe2403sp1.src.rpm"
],
"aarch64": [
"ImageMagick-7.1.2.25-1.oe2403sp1.aarch64.rpm",
"ImageMagick-c++-7.1.2.25-1.oe2403sp1.aarch64.rpm",
"ImageMagick-c++-devel-7.1.2.25-1.oe2403sp1.aarch64.rpm",
"ImageMagick-debuginfo-7.1.2.25-1.oe2403sp1.aarch64.rpm",
"ImageMagick-debugsource-7.1.2.25-1.oe2403sp1.aarch64.rpm",
"ImageMagick-devel-7.1.2.25-1.oe2403sp1.aarch64.rpm",
"ImageMagick-perl-7.1.2.25-1.oe2403sp1.aarch64.rpm"
],
"noarch": [
"ImageMagick-help-7.1.2.25-1.oe2403sp1.noarch.rpm"
]
}