suse · CVE-2016-5118

Quick triage

Priority: medium Published: 2021-05-30 13:42:51 UTC Updated: 2026-04-18 16:08:25 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-5118 severity moderate: SUSE including 170 source package names (GraphicsMagick-1.2.5-4.38.1, GraphicsMagick-1.3.25-1.1, …), 266 product×package rows across 62 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12, … (62 product lines)): Fixed 266.

Description:

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

cvelogic Threat Intelligence