EPSS
Percentile
74.2%
GraphicsMagick is vulnerable to arbitrary code execution. A heap-based buffer over-read in ReadOneJNGImage in coders/png.c allows an attacker to execute arbitrary code on the host OS.
ReadOneJNGImage
coders/png.c
hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e3d2264109c
lists.debian.org/debian-lts-announce/2018/01/msg00005.html
lists.debian.org/debian-lts-announce/2018/06/msg00009.html
sourceforge.net/p/graphicsmagick/bugs/530/
usn.ubuntu.com/4248-1/
www.debian.org/security/2018/dsa-4321