CVE-2021-3596

Summary

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

Affected Software

VendorProductVersion RangeStatus
n/aImageMagickImageMagick 7.0.10-31affected

Weaknesses

  • CWE-476: CWE-476

ADP Enrichment

CVE Program Container

Additional References

References