Medium severity6.5NVD Advisory· Published Sep 9, 2018· Updated Jun 17, 2026
CVE-2018-16749
CVE-2018-16749
Description
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- Range: <=7.0.7-29
- osv-coords10 versionspkg:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Studio%20Onsite%201.3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
< 1.2.5-78.72.1+ 9 more
- (no CPE)range: < 1.2.5-78.72.1
- (no CPE)range: < 1.2.5-78.72.1
- (no CPE)range: < 6.8.8.1-71.79.1
- (no CPE)range: < 6.4.3.6-78.74.1
- (no CPE)range: < 6.8.8.1-71.79.1
- (no CPE)range: < 6.4.3.6-78.74.1
- (no CPE)range: < 6.8.8.1-71.79.1
- (no CPE)range: < 6.4.3.6-78.74.1
- (no CPE)range: < 6.8.8.1-71.79.1
- (no CPE)range: < 6.8.8.1-71.79.1
Patches
Vulnerability mechanics
References
5- github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4nvdPatchThird Party Advisory
- github.com/ImageMagick/ImageMagick/issues/1119nvdExploitIssue TrackingPatchThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/10/msg00002.htmlnvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2020/09/msg00007.htmlnvdMailing ListThird Party Advisory
- usn.ubuntu.com/3785-1/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.