Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3596

Опубликовано: 24 фев. 2022
Источник: ubuntu
Приоритет: low
CVSS2: 4.3
CVSS3: 6.5

Описание

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

РелизСтатусПримечание
bionic

not-affected

policy forbids PS/PDF
devel

not-affected

8:6.9.11.60+dfsg-1.3build1
esm-apps/focal

not-affected

policy forbids PS/PDF
esm-apps/jammy

not-affected

8:6.9.11.60+dfsg-1.3build1
esm-infra-legacy/trusty

not-affected

policy forbids PS/PDF
esm-infra/bionic

not-affected

policy forbids PS/PDF
esm-infra/xenial

not-affected

policy forbids PS/PDF
focal

not-affected

policy forbids PS/PDF
impish

not-affected

8:6.9.11.60+dfsg-1ubuntu1
jammy

not-affected

8:6.9.11.60+dfsg-1.3build1

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3596

CVSS3: 5.3
redhat
больше 5 лет назад

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

nvd логотип

CVE-2021-3596

CVSS3: 6.5
nvd
почти 4 года назад

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

debian логотип

CVE-2021-3596

CVSS3: 6.5
debian
почти 4 года назад

A NULL pointer dereference flaw was found in ImageMagick in versions p ...

github логотип

GHSA-8jv5-qv7g-fm4r

CVSS3: 6.5
github
почти 4 года назад

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

fstec логотип

BDU:2023-02650

CVSS3: 6.5
fstec
больше 4 лет назад

Уязвимость функции ReadSVGImage() компонента coders/svg.c консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

4.3 Medium

CVSS2

6.5 Medium

CVSS3