{"id":"CVE-2017-14103","details":"The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403.","modified":"2026-03-12T22:35:15.677886Z","published":"2017-09-01T13:29:00.477Z","related":["SUSE-SU-2018:0349-1","SUSE-SU-2018:0350-1","SUSE-SU-2018:0413-1"],"references":[{"type":"FIX","url":"http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f"},{"type":"FIX","url":"https://blogs.gentoo.org/ago/2017/09/01/graphicsmagick-use-after-free-in-closeblob-blob-c-incomplete-fix-for-cve-2017-11403/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.3.26"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-14103.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}