Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-3596

Опубликовано: 25 сент. 2020
Источник: redhat
CVSS3: 5.3

Описание

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

A NULL pointer dereference flaw was found in ImageMagick in ReadSVGImage() in coders/svg.c . This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickOut of support scope
Red Hat Enterprise Linux 6ImageMagickOut of support scope
Red Hat Enterprise Linux 7ImageMagickWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1970569ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-3596

CVSS3: 6.5
ubuntu
почти 4 года назад

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

nvd логотип

CVE-2021-3596

CVSS3: 6.5
nvd
почти 4 года назад

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

debian логотип

CVE-2021-3596

CVSS3: 6.5
debian
почти 4 года назад

A NULL pointer dereference flaw was found in ImageMagick in versions p ...

github логотип

GHSA-8jv5-qv7g-fm4r

CVSS3: 6.5
github
почти 4 года назад

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

fstec логотип

BDU:2023-02650

CVSS3: 6.5
fstec
больше 4 лет назад

Уязвимость функции ReadSVGImage() компонента coders/svg.c консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

5.3 Medium

CVSS3