Medium severity5.5NVD Advisory· Published Feb 3, 2017· Updated May 13, 2026

CVE-2016-2318

Description

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.htmlnvdThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.htmlnvdThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.htmlnvdThird Party Advisory
www.debian.org/security/2016/dsa-3746nvdThird Party Advisory
www.openwall.com/lists/oss-security/2016/02/11/6nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2016/05/27/4nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2016/05/31/3nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2016/09/07/4nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2016/09/18/8nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/83241nvdThird Party AdvisoryVDB Entry
bugzilla.redhat.com/show_bug.cginvdIssue Tracking

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000