CVE-2016-3714

ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image. Vendor/Product: ImageMagick ImageMagick. Added to CISA KEV 2024-09-09; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.