Headline
CVE-2021-4219: remote DoS in MagicCore/draw.c via crafted SVG file
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system.
Description Marian Rehak 2022-02-15 10:34:06 UTC
In order to successfully exploit this vulnerability, the attacker needs to submit a specially crafted SVG to the ImageMagick to let ImageMagick hang forever from reading a file descriptor. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SVG file.
Reference:
https://github.com/ImageMagick/ImageMagick/issues/4626