NULL Pointer Dereference
CVE-2021-3596
Summary
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 and in ImageMagick6 versions prior to 6.9.11-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
- LOW
- NETWORK
- NONE
- UNCHANGED
- REQUIRED
- NONE
- NONE
- HIGH
CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Advisory Timeline
- Published