Upstream information

CVE-2019-10649 at MITRE

Description

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

SUSE information

SUSE Bugzilla entry: 1131154 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.