Vulnerability Database

CVE-2016-3718

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

  • Published: May 5, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-3718
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

| Software | From | Fixed in |
|---|---|---|
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 15.10 | 15.10.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| imagemagick / imagemagick | 7.0.0-0 | 7.0.0-0.x |
| imagemagick / imagemagick | 7.0.1-0 | 7.0.1-0.x |
| redhat / enterprise_linux_server_supplementary_eus | 6.7z | 6.7z.x |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_server_aus | 7.2 | 7.2.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux_hpc_node | 6.0 | 6.0.x |
| redhat / enterprise_linux_hpc_node | 7.0 | 7.0.x |
| redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
| redhat / enterprise_linux_hpc_node_eus | 7.2 | 7.2.x |
| redhat / enterprise_linux_server | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
| redhat / enterprise_linux_server_tus | 7.2 | 7.2.x |
| redhat / enterprise_linux_eus | 6.7 | 6.7.x |
| redhat / enterprise_linux_server_tus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_aus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_aus | 7.4 | 7.4.x |
| redhat / enterprise_linux_eus | 7.3 | 7.3.x |
| redhat / enterprise_linux_eus | 7.4 | 7.4.x |
| redhat / enterprise_linux_eus | 7.5 | 7.5.x |
| redhat / enterprise_linux_server_tus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_aus | 7.6 | 7.6.x |
| redhat / enterprise_linux_eus | 7.6 | 7.6.x |
| redhat / enterprise_linux_eus | 7.2 | 7.2.x |
| redhat / enterprise_linux_server_aus | 7.7 | 7.7.x |
| redhat / enterprise_linux_server_tus | 7.7 | 7.7.x |
| redhat / enterprise_linux_eus | 7.7 | 7.7.x |
| redhat / enterprise_linux_for_power_big_endian_eus | 7.2_ppc64 | 7.2_ppc64.x |
| redhat / enterprise_linux_for_power_big_endian_eus | 7.3_ppc64 | 7.3_ppc64.x |
| redhat / enterprise_linux_for_power_big_endian_eus | 7.4_ppc64 | 7.4_ppc64.x |
| redhat / enterprise_linux_for_power_big_endian_eus | 7.5_ppc64 | 7.5_ppc64.x |
| redhat / enterprise_linux_for_power_big_endian_eus | 7.6_ppc64 | 7.6_ppc64.x |
| redhat / enterprise_linux_for_power_big_endian_eus | 7.7_ppc64 | 7.7_ppc64.x |
| redhat / enterprise_linux_server_from_rhui | 7.0 | 7.0.x |
| redhat / enterprise_linux_for_power_big_endian_eus | 6.7_ppc64 | 6.7_ppc64.x |
| redhat / enterprise_linux_server_from_rhui | 6.0 | 6.0.x |
| redhat / enterprise_linux_for_power_little_endian | 7.0_ppc64le | 7.0_ppc64le.x |
| redhat / enterprise_linux_for_power_big_endian | 7.0_ppc64 | 7.0_ppc64.x |
| redhat / enterprise_linux_for_ibm_z_systems | 7.0_s390x | 7.0_s390x.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 7.7_ppc64le | 7.7_ppc64le.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 7.6_ppc64le | 7.6_ppc64le.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 7.5_ppc64le | 7.5_ppc64le.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 7.4_ppc64le | 7.4_ppc64le.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 7.7_s390x | 7.7_s390x.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 7.6_s390x | 7.6_s390x.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 7.5_s390x | 7.5_s390x.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 7.4_s390x | 7.4_s390x.x |
| redhat / enterprise_linux_for_power_big_endian | 6.0_ppc64 | 6.0_ppc64.x |
| redhat / enterprise_linux_for_ibm_z_systems | 6.0_s390x | 6.0_s390x.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 7.2_ppc64le | 7.2_ppc64le.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 7.3_ppc64le | 7.3_ppc64le.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 7.3_s390x | 7.3_s390x.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 7.2_s390x | 7.2_s390x.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 6.7_s390x | 6.7_s390x.x |
| imagemagick / imagemagick | - | 6.9.3-10 |
| oracle / solaris | 11.3 | 11.3.x |
| oracle / solaris | 10 | 10.x |
| oracle / linux | 6 | 6.x |
| oracle / linux | 7 | 7.x |
| suse / linux_enterprise_server | 11-sp4 | 11-sp4.x |
| suse / linux_enterprise_debuginfo | 11-sp3 | 11-sp3.x |
| suse / openstack_cloud | 5 | 5.x |
| suse / manager_proxy | 2.1 | 2.1.x |
| suse / linux_enterprise_software_development_kit | 12-sp1 | 12-sp1.x |
| suse / linux_enterprise_debuginfo | 11-sp2 | 11-sp2.x |
| suse / linux_enterprise_server | 11-sp3 | 11-sp3.x |
| suse / manager | 2.1 | 2.1.x |
| suse / linux_enterprise_server | 12-sp1 | 12-sp1.x |
| suse / linux_enterprise_software_development_kit | 11-sp4 | 11-sp4.x |
| suse / linux_enterprise_debuginfo | 11-sp4 | 11-sp4.x |
| suse / linux_enterprise_server | 11-sp2 | 11-sp2.x |
| suse / linux_enterprise_workstation_extension | 12-sp1 | 12-sp1.x |
| suse / linux_enterprise_desktop | 12-sp1 | 12-sp1.x |
| opensuse / leap | 42.1 | 42.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| suse / linux_enterprise_server | 12 | 12.x |
| suse / linux_enterprise_software_development_kit | 12 | 12.x |
| suse / linux_enterprise_desktop | 12 | 12.x |
| suse / linux_enterprise_workstation_extension | 12 | 12.x |