The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"
],
"vendor_product": "canonical:ubuntu_linux",
"extracted_events": [
{
"introduced": "14.04"
},
{
"last_affected": "14.04"
},
{
"introduced": "16.04"
},
{
"last_affected": "16.04"
},
{
"introduced": "17.10"
},
{
"last_affected": "17.10"
},
{
"introduced": "18.04"
},
{
"last_affected": "18.04"
}
],
"source": "CPE_STRING"
},
{
"cpes": [
"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
],
"vendor_product": "debian:debian_linux",
"extracted_events": [
{
"introduced": "8.0"
},
{
"last_affected": "8.0"
},
{
"introduced": "9.0"
},
{
"last_affected": "9.0"
}
],
"source": "CPE_STRING"
}
]
}{
"cpe": "cpe:2.3:a:imagemagick:imagemagick:7.0.7-9:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "7.0.7-9"
},
{
"last_affected": "7.0.7-9"
}
],
"source": [
"CPE_STRING",
"REFERENCES"
]
}[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"239037879911661576146958638240697473991",
"6775137549662369651095735069313677055",
"230263286374246415018531447678239154621",
"167777559930016920714550450146410033513"
]
},
"target": {
"file": "coders/wpg.c"
},
"id": "CVE-2017-16546-1a59bbd4",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/imagemagick/imagemagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53",
"deprecated": false
},
{
"digest": {
"function_hash": "120950539745086131144898489314772176044",
"length": 12071.0
},
"target": {
"function": "ReadWPGImage",
"file": "coders/wpg.c"
},
"id": "CVE-2017-16546-71e01bf3",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick/commit/e04cf3e9524f50ca336253513d977224e083b816",
"deprecated": false
},
{
"digest": {
"function_hash": "45674372341530071912301067453092590117",
"length": 12161.0
},
"target": {
"function": "ReadWPGImage",
"file": "coders/wpg.c"
},
"id": "CVE-2017-16546-9dbc3eb1",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"6775137549662369651095735069313677055",
"230263286374246415018531447678239154621",
"265662654767131670731158258118047212943",
"328812252873929144357777357305708714005"
]
},
"target": {
"file": "coders/wpg.c"
},
"id": "CVE-2017-16546-b18edb87",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/imagemagick/imagemagick/commit/e04cf3e9524f50ca336253513d977224e083b816",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16546.json"
"2026-07-08T15:10:43Z"