UBUNTU-CVE-2021-3596

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault...

ImageMagick 代码问题漏洞

Imagemagick Studio ImageMagick is a set of open source image processing software from the American company ImageMagick Studio Imagemagick Studio. The software can read, convert, or write images in a variety of formats.ImageMagick has a security vulnerability that stems from a null pointer...

XML External Entity (XXE) Injection

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to XML External Entity XXE Injection. Users of Nokogiri on JRuby who parse untrusted documents using any of these classes are affected: - Nokogiri::XML::SAX::Parse -...

openSUSE Security Update : libxml2 (openSUSE-2016-662)

libxml2 was updated to fix security issues and a regression from the last version update. Security issues fixed : - CVE-2016-3627: Fixed stack exhaustion while parsing certain XML files in recovery mode bnc972335. - CVE-2016-3705: Improved protection against the Billion Laughs Attack bnc975947...