{"id":"CVE-2018-9018","details":"In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.","modified":"2026-04-16T06:21:22.242862850Z","published":"2018-03-25T21:29:00.250Z","related":["SUSE-SU-2018:1036-1","SUSE-SU-2018:1129-1","SUSE-SU-2018:1178-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4321"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/103526"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"},{"type":"REPORT","url":"https://sourceforge.net/p/graphicsmagick/bugs/554/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.3.28"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9018.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}