Back to CVE Lookup
CVE-2016-3718
MEDIUM - CVSS 5.5CWE-918
Published: 5/5/2016
Modified: 10/22/2025
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
Vulnerability Summary
CVSS v3 Score
5.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVSS v2 Score
4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N