Red Hat Security Advisory: ImageMagick security update
🔗 CVE IDs covered (9)
📋 Description
CVE-2026-45031 — ImageMagick: ImageMagick: Denial of Service due to resource policy bypass in PSD decoder
CVE-2026-45664 — ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder
CVE-2026-46520 — ImageMagick: ImageMagick: Denial of Service via out-of-bounds write when processing multiple images
CVE-2026-46522 — ImageMagick: ImageMagick: Denial of Service via crafted MIFF file
CVE-2026-46523 — ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free
CVE-2026-46692 — ImageMagick: ImageMagick: Heap buffer over-write via magick -distribute-cache service connection
CVE-2026-49218 — ImageMagick: ImageMagick: Denial of Service via crafted DCM image with invalid dimensions
CVE-2026-53460 — ImageMagick: ImageMagick: Denial of Service via missing memory request check
CVE-2026-56379 — ImageMagick: ImageMagick: Arbitrary code execution via SVG decoder command injection
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2026:32961
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487729
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487730
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487732
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487734
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487743
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487749
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487757
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2487763
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2491700
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_32961.json