| Package | imagemagick |
|---|---|
| Version | 8:6.9.10.23+dfsg-2.1+deb10u16 (buster) |
| Related CVEs | CVE-2026-25971 CVE-2026-25985 CVE-2026-26284 CVE-2026-26983 CVE-2026-28494 CVE-2026-28686 CVE-2026-28687 CVE-2026-28688 CVE-2026-28689 CVE-2026-28690 CVE-2026-28691 CVE-2026-28692 CVE-2026-28693 CVE-2026-30883 CVE-2026-30936 CVE-2026-30937 CVE-2026-31853 CVE-2026-32259 CVE-2026-32636 CVE-2026-33535 CVE-2026-33536 |
Multiple security vulnerabilities were discovered in imagemagick, a software suite used for editing and manipulating digital images, which could lead to symlink races, information leaks, denial of service and potentially arbitrary code execution.
Note that SVG and MVG plugins were updated from imagemagick 6.9.13-41 in order to fix some vulnerabilities. This may change some conversion results like bounding box or borders due to small rounding changes.
For Debian 10 buster, these problems have been fixed in version 8:6.9.10.23+dfsg-2.1+deb10u16.
We recommend that you upgrade your imagemagick packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.