cpe:/a:graphicsmagick:graphicsmagick:1.3.26 cpe:/o:debian:debian_linux:9.0 CVE-2017-15238 2017-10-10T23:29:00.337-04:00 2019-06-29T23:15:11.993-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov DEBIAN DSA-4321 FEDORA FEDORA-2019-425a1aa7c9 FEDORA FEDORA-2019-da4c20882c CONFIRM http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=93bdb9b30076 CONFIRM http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=df946910910d CONFIRM https://sourceforge.net/p/graphicsmagick/bugs/469/ ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.