CVE-2016-3715 — ImageMagick Arbitrary File Deletion Vulnerability
2021-11-03 • CISA Known Exploited Vulnerability
[event] ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | ImageMagick |
| Product | ImageMagick |
| CWE | CWE-284 |
| CVE ID | CVE-2016-3715 |
| Date Added | 2021-11-03 |
| Due Date | 2022-05-03 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-05-03