Updated: 2023-03-13 05:04:19.496636
Description:
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 4.3 |
| CVSS Version 3.x | MEDIUM | 6.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| Ubuntu 16.04 ELS | imagemagick | 6.8.9.9-7 | 6.5 | MEDIUM | Ignored | 2022-03-09 14:45:16 | |
| Ubuntu 18.04 ELS | imagemagick | 6.9.7.4 | 6.5 | MEDIUM | Ignored | 2023-03-13 05:04:19 |
Will not fix: low score