Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

SUSE ImageMagick Important Update 2026-1497-1 21 Vulnerabilities Fixed

suse
Calendar Grey April 21, 2026
Dist Suse Esm H88
SUSE updates ImageMagick to fix 21 vulnerabilities, enhancing security and preventing potential denial of service issues. Upgrade recommended.
An update that solves 21 vulnerabilities can now be installed.

Summary

## This update for ImageMagick fixes the following issues: * CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion (bsc#1258790). * CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write (bsc#1259446). * CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow (bsc#1259447). * CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer overflow (bsc#1259448). * CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file (bsc#1259450). * CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice (bsc#1259451). * CVE-2026-28689: `domain="path"` authorization is checked before

References

* bsc#1258790

* bsc#1259446

* bsc#1259447

* bsc#1259448

* bsc#1259450

* bsc#1259451

* bsc#1259452

* bsc#1259455

* bsc#1259456

* bsc#1259457

* bsc#1259463

* bsc#1259464

* bsc#1259466

* bsc#1259467

* bsc#1259468

* bsc#1259528

* bsc#1259612

* bsc#1259872

* bsc#1260874

* bsc#1260879

* bsc#1262097

Cross-

* CVE-2026-24484

* CVE-2026-28493

* CVE-2026-28494

* CVE-2026-28686

* CVE-2026-28687

* CVE-2026-28688

* CVE-2026-28689

* CVE-2026-28690

* CVE-2026-28691

* CVE-2026-28692

* CVE-2026-28693

* CVE-2026-30883

* CVE-2026-30929

* CVE-2026-30936

* CVE-2026-30937

* CVE-2026-31853

* CVE-2026-32259

* CVE-2026-32636

* CVE-2026-33535

* CVE-2026-33536

* CVE-2026-33905

CVSS scores:

* CVE-2026-24484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1497-1
Release Date: 2026-04-20T16:15:55Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.