CVE-2021-3962

Name of the Vulnerable Software and Affected Versions ImageMagick versions 7.1.0 through 7.1.0-14

Description A flaw in ImageMagick allows an attacker to create a specially crafted image, leading to a use-after-free vulnerability when processed. This vulnerability poses a threat to confidentiality, integrity, and system availability. The issue arises from the improper sanitization of certain input before invoking convert processes.

Recommendations For ImageMagick versions 7.1.0 through 7.1.0-14, consider disabling the convert process invocation until a patch is available to prevent exploitation of the use-after-free vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.