All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2016-3714
NONEKEVpublish date unavailable
CVSS / 10
// description
ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.
// required action (CISA KEV)
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
added 2024-09-09 00:00 UTC