Multiple vulnerabilities in ImageMagick (CVE-2026-24481, CVE-2026-24484, CVE-2026-24485, etc.), including high-severity issues with CVSS scores up to 7.5, could lead to information leaks, security policy bypass, denial of service, or arbitrary code execution. Affected versions include ImageMagick before 6.9.13-40 and versions 7.0.0 through 7.1.2-14. The fixed versions are 6.9.13-40 and 7.1.2-15, with Debian's specific patched version being 8:7.1.1.43+dfsg1-1+deb13u6 for its stable distribution.
[SECURITY] [DSA 6158-1] imagemagick security update To : debian-security-announce@lists.debian.org Subject : [SECURITY] [DSA 6158-1] imagemagick security update From : Moritz Muehlenhoff < jmm@debian.org > Date : Mon, 9 Mar 2026 21:21:36 +0000 Message-id : < [🔎] aa854CWHuJSpfJnp@seger.debian.org > Reply-to : debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6158-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 09, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : imagemagick CVE ID : CVE-2026-24481 CVE-2026-24484 CVE-2026-24485 CVE-2026-25576 CVE-2026-25637 CVE-2026-25638 CVE-2026-25794 CVE-2026-25795 CVE-2026-25796 CVE-2026-25797 CVE-2026-25798 CVE-2026-25799 CVE-2026-25897 CVE-2026-25898 CVE-2026-25965 CVE-2026-25966 CVE-2026-25967 CVE-2026-25968 CVE-2026-25969 CVE-2026-25970 CVE-2026-25971 CVE-2026-25982 CVE-2026-25983 CVE-2026-25985 CVE-2026-25986 CVE-2026-25987 CVE-2026-25988 CVE-2026-25989 CVE-2026-26066 CVE-2026-26283 CVE-2026-26284 CVE-2026-26983 CVE-2026-27798 CVE-2026-27799 Multiple security vulnerabilities were discovered in imagemagick, a software suite used for editing and manipulating digital images, which could lead to information leaks, bypass of security policies, denial of service or arbitrary code execution. For the stable distribution (trixie), these problems have been fixed in version 8:7.1.1.43+dfsg1-1+deb13u6. We recommend that you upgrade your imagemagick packages. For the detailed security status of imagemagick please refer to its security tracker page at: https://security-tracker.debian.org/tracker/imagemagick Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmmvOaMACgkQEMKTtsN8 TjZLww/7BqfVvKQWt2l1QeziU6uLrLtrKUoZnwCdd19FP5Nfw2Z5TrpNcmbV7BLx 3g9ILoo9fiqCGf0uoA3j3Ac5LjD6ZL4GsfvYVVutCWxpDBDSkeZXs6NqbAsuXThI tPEPKlIBimXpJNFodYBUxuT1JOiqrQbtPhKJNThuab4arzC3NqYTFIeEdeOL0xsD yvHuXf/lIBP6IzAfVVPJJ0AXGprbEmrhGD7GiKLE0TeuTOpWaMHCdAIyQDiizFBQ pD9pnrq9DqsXec/iSTe3GWj9gp8K38Zkm8FYpjuslRTS9xB13jGSbpxXDFzW6Xj4 P2prQC0RGRmRO7JkKYTQVndhs2ITtv4LB0V1+XdbHY5GsZsbayKRSCEicCoXixf9 IoZ/fQeJukq2vx7JelnjOrgNs4Yh6d+ApDRUWunpQytI/KIT2MX2RhYuYMkgxIOj 9g3WLDWzDOKNSzxBgzk+pxkmjWOuxoK0krM2zojkTHyDZh2APHSQU+27rfHRt8FF txlbHotWIEEtET+aaEYO+wERQDl7N4paVEHGRM+Mvh1I+e3di3LHIakJODAHeM5A he7fdb3a23v1kyRP2dd1TeKOvPkYrL7oTuUS1JVvWqWMo+D45Lcfb2jW1OcOUQHc j5QWXOiZxhksIvhuhmNiTEeFzB0eEAMMJZxdJ8s7Wn7oM2+X2Xg= =QleS -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Moritz Muehlenhoff (on-list) Moritz Muehlenhoff (off-list) Prev by Date: [SECURITY] [DSA 6157-1] chromium security update Previous by thread: [SECURITY] [DSA 6157-1] chromium security update Index(es): Date Thread