In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18023.json"
[ { "events": [ { "introduced": "0" }, { "last_affected": "7.0.8-13-q16" } ] } ]