All vulnerabilities
CVE-2016-3715
ImageMagick Arbitrary File Deletion Vulnerability
ImageMagick — ImageMagick
- Added to KEV catalog
- 3 November 2021
- Federal remediation due date
- 3 May 2022
- Weakness classification (CWE)
- CWE-284
CISA Description
ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2016-3715
More ImageMagick Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services