Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-28493

Опубликовано: 10 мар. 2026
Источник: debian
EPSS Низкий

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerability is fixed in 7.1.2-16.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
imagemagickfixed8:7.1.2.16+dfsg1-1package
imagemagicknot-affectedbookwormpackage
imagemagicknot-affectedbullseyepackage

Примечания

  • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r39q-jr8h-gcq2

  • Fixed by: [1/3] https://github.com/ImageMagick/ImageMagick/commit/6cefe972445185cbb9c76651231d52512e0ec14b (7.1.2-16)

  • Fixed by: [2/3] https://github.com/ImageMagick/ImageMagick/commit/47a803cc139a6eebf14fca5f1d5dd25c7782cc98 (7.1.2-16)

  • Fixed by: [3/3] https://github.com/ImageMagick/ImageMagick/commit/cd7acd2c4bea5c953fae062d9ce43d11374dcb60 (7.1.2-16)

  • im6 not affected see https://github.com/ImageMagick/ImageMagick6/issues/404

EPSS

Процентиль: 17%
0.00055
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2026-28493

CVSS3: 6.5
ubuntu
17 дней назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerability is fixed in 7.1.2-16.

redhat логотип

CVE-2026-28493

CVSS3: 6.5
redhat
18 дней назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerability is fixed in 7.1.2-16.

nvd логотип

CVE-2026-28493

CVSS3: 6.5
nvd
17 дней назад

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerability is fixed in 7.1.2-16.

github логотип

GHSA-r39q-jr8h-gcq2

CVSS3: 6.5
github
15 дней назад

ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder

EPSS

Процентиль: 17%
0.00055
Низкий