Bugzilla – Bug 1196337
VUL-0: CVE-2021-4219: ImageMagick: denial of service in MagicCore/draw.c via crafted SVG file
Last modified: 2022-06-10 13:16:05 UTC
In order to successfully exploit this vulnerability, the attacker needs to submit a specially crafted SVG to the ImageMagick to let ImageMagick hang forever from reading a file descriptor. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SVG file.
Considering 15sp4/ImageMagick as affected.
Was not able to reproduce.
Package submitted: 15sp4/ImageMagick
I believe all fixed.