COOEY // HUBcompliance · community · intelligence

FAIL › dossier

imagemagick vendor

4
failure events
0
zero-days
1
RCEs
3
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 8 events

DateEventSevFlagsShameSummary
2024-09-09 CVE-2016-3714 high ⚡RCE ⌖KEV 65 ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.
2024-09-09 CVE-2016-3714 high ⚡RCE ⌖KEV 65 ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.
2021-11-03 CVE-2016-3718 high ⌖KEV 50 ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.
2021-11-03 CVE-2016-3715 high ⌖KEV 50 ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
2021-11-03 CVE-2016-3718 high ⌖KEV 50 ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.
2021-11-03 CVE-2016-3715 high ⌖KEV 50 ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
2026-07-11 CVE-2026-56372 low 20 ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial
2026-07-11 CVE-2026-56372 low 20 ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial