In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. https://nvd.nist.gov/vuln/detail/CVE-2017-9262