CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2318

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.7%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

Products affected by CVE-2016-2318

Graphicsmagick » Graphicsmagick » Version: 1.3.23

cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.23
Suse » Linux Enterprise Debuginfo » Version: 11

cpe:2.3:a:suse:linux_enterprise_debuginfo:11
Suse » Studio Onsite » Version: 1.3

cpe:2.3:a:suse:studio_onsite:1.3
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Opensuse » Leap » Version: 42.1

cpe:2.3:o:opensuse:leap:42.1
Opensuse » Opensuse » Version: 13.2

cpe:2.3:o:opensuse:opensuse:13.2
Suse » Linux Enterprise Software Development Kit » Version: 11

cpe:2.3:o:suse:linux_enterprise_software_development_kit:11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2318

Products

Pricing

Contact Us