ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
References
Link | Resource |
---|---|
https://fortiguard.com/zeroday/FG-VD-19-136 | Third Party Advisory |
https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1 | Patch Tool Signature |
Configurations
History
28 Apr 2021, 18:29
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://fortiguard.com/zeroday/FG-VD-19-136 - Third Party Advisory |
Information
Published : 2019-11-11 15:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-18853
Mitre link : CVE-2019-18853
CVE.ORG link : CVE-2019-18853
JSON object : View
Products Affected
imagemagick
- imagemagick
CWE
CWE-674
Uncontrolled Recursion