The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 5.5 | Medium | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | 5.1.0 |