cpe:/a:graphicsmagick:graphicsmagick:1.3.31 cpe:/o:debian:debian_linux:8.0 CVE-2018-20189 2018-12-17T15:29:00.247-05:00 2019-01-08T09:52:37.910-05:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2019-01-07T14:13:53.070-05:00 BID 106227 MLIST [debian-lts-announce] 20181227 [SECURITY] [DLA 1619-1] graphicsmagick security update MISC http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589 MISC https://sourceforge.net/p/graphicsmagick/bugs/585/ In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.