Uncontrolled Recursion
CVE-2019-18853
Summary
ImageMagick 6.x before 6.9.10-69 and ImageMagick 7.x before 7.0.9-0, allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in "coders/svg.c", related to SVG and libxml2.
- LOW
- NETWORK
- NONE
- UNCHANGED
- REQUIRED
- NONE
- NONE
- HIGH
CWE-674 - Uncontrolled Recursion
The product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.
Advisory Timeline
- Published