CVE security advisories and vulnerability history for imagemagick by Debian.
812
Total CVEs
Published
3
In CISA KEV
Exploited in the wild
41
Public exploits
PoC or exploit code
6.7
Avg CVSS
2003–2026
Last updated
Overview
Debian imagemagick has 812 published CVE records since 2003, of which 3 are in CISA's Known Exploited Vulnerabilities catalog and 41 have a known public exploit. The average CVSS base score across scored CVEs is 6.7.
This page aggregates every publicly disclosed vulnerability (CVE) affecting Debian imagemagick, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
Severity and exploitation
How the CVSS severity of Debian imagemagick's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical56
High233
Medium484
Low39
In CISA’s Known Exploited Vulnerabilities catalog
3
3 of Debian imagemagick's CVEs are confirmed exploited in the wild.
Public exploits
41
41 of Debian imagemagick's CVEs have a known public exploit available.
Affected versions and CVEs
Browse every Debian imagemagick version named in a CVE, then pick one to see only the CVEs that affect it.
Version ranges
< 8:6.9.9.34+dfsg-3103 CVEs
< 8:6.9.11.24+dfsg-180 CVEs
< 8:6.9.6.2+dfsg-278 CVEs
< 8:6.8.9.9-451 CVEs
< 8:7.1.2.15+dfsg1-142 CVEs
< 8:7.1.1.43+dfsg1-1+deb13u634 CVEs
< 8:7.1.2.26+dfsg1-126 CVEs
< 8:6.9.11.60+dfsg-1.3+deb11u1025 CVEs
< 8:6.9.11.60+dfsg-1.6+deb12u724 CVEs
< 8:6.9.11.60+dfsg-1.3+deb11u1122 CVEs
< 8:6.9.11.60+dfsg-1.6+deb12u8
Common weakness types
The CWE weakness categories most often found in Debian imagemagick CVEs. Follow any weakness for its full explanation.
Common questions about Debian imagemagick vulnerabilities.
How many CVEs does Debian imagemagick have?
Debian imagemagick has 812 published CVE records since 2003.
How many Debian imagemagick CVEs are in CISA KEV?
Yes — 3 of Debian imagemagick's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
Are there public exploits for Debian imagemagick vulnerabilities?
Yes — 41 of Debian imagemagick's CVEs have a known public exploit.
Which versions of Debian imagemagick are affected?
232 distinct Debian imagemagick versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in Debian imagemagick CVEs?
Debian imagemagick's CVEs most often map to these CWE weakness types: CWE-190 (Integer Overflow or Wraparound), CWE-122 (Heap-based Buffer Overflow), CWE-401 (Missing Release of Memory after Effective Lifetime), CWE-125 (Out-of-bounds Read).
How many critical Debian imagemagick vulnerabilities are there?
Debian imagemagick has 56 critical and 233 high-severity CVEs.
What is the average severity of Debian imagemagick CVEs?
The average CVSS base score across Debian imagemagick's scored CVEs is 6.7.