Launchpad.net

CVE 2017-17503

ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.

See the CVE page on Mitre.org for more details.