Your submission was sent successfully! Close

CVE-2019-10649

Published: 30 March 2019

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
cosmic
Released (8:6.9.10.8+dfsg-1ubuntu2.2)
disco
Released (8:6.9.10.14+dfsg-7ubuntu2.2)
precise Does not exist

trusty Does not exist
(trusty was needs-triage)
upstream Needs triage

xenial Not vulnerable
(code not present)