ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.
https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html
https://sourceforge.net/p/graphicsmagick/bugs/512/