CVE-2021-3596 — NULL Pointer Dereference in Imagemagick

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	imagemagick	< imagemagick 8:6.9.11.57+dfsg-1 (bookworm)	imagemagick 8:6.9.11.57+dfsg-1 (bookworm)
fedoraproject	fedora	—	—
imagemagick	imagemagick	< 7.0.10-31	7.0.10-31
imagemagick	imagemagick	—	—
imagemagick	imagemagick	>= 0 < 8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
imagemagick	imagemagick	>= 0 < 8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
imagemagick	imagemagick	>= 0 < 8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
imagemagick	imagemagick	>= 0 < 8:6.9.11.57+dfsg-1	8:6.9.11.57+dfsg-1
redhat	enterprise_linux	—	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux	—	—

GHSA

GHSA-8jv5-qv7g-fm4r: A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7

ghsa_unreviewed·2022-02-25

CVE-2021-3596 [MEDIUM] CWE-476 GHSA-8jv5-qv7g-fm4r: A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7 A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

OSV

CVE-2021-3596: A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7

osv·2022-02-24·CVSS 6.5

CVE-2021-3596 [MEDIUM] CVE-2021-3596: A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7 A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

Debian

CVE-2021-3596: imagemagick - A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7....

vendor_debian·2021·CVSS 6.5

CVE-2021-3596 [MEDIUM] CVE-2021-3596: imagemagick - A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.... A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. Scope: local bookworm: resolved (fixed in 8:6.9.11.57+dfsg-1) bullseye: resolved (fixed in 8:6.9.11.57+dfsg-1) forky: resolved (fixed in 8:6.9.11.57+dfsg-1) sid: resolved (fixed in 8:6.9.11.57+dfsg-1) trixie: resolved (fixed in 8:6.9.11.57+dfsg-1)

Red Hat

ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c

vendor_redhat·2020-09-25·CVSS 6.5

CVE-2021-3596 [MEDIUM] CWE-476 ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. A NULL pointer dereference flaw was found in ImageMagick in ReadSVGImage() in coders/svg.c . This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. Package: ImageMagick (Red Hat Enterprise Linux 5) - Out of support scope Package: ImageMagick (Red Hat Enterprise Linux 6) - Out of support scope Package: ImageMagick (Red

CVE-2021-3596: A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking…

Affected

CVSS provenance