First published: Mon Oct 30 2023
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DoS) by memory exhaustion.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
rubygems/rmagick | <5.3.0 | 5.3.0 |
Rmagick Rmagick | <5.3.0 | |
Fedoraproject Fedora | =37 | |
debian/ruby-rmagick | <=2.16.0-7, <=4.2.3-2 | 6.0.1-2 |
CVE-2023-5349 is a memory leak flaw in ruby-magick, an interface between Ruby and ImageMagick.
CVE-2023-5349 has a severity level of medium (5.3).
CVE-2023-5349 can lead to a denial of service (DoS) by memory exhaustion.
To fix CVE-2023-5349, update ruby-magick to the latest version available.
More information about CVE-2023-5349 can be found at the following references:
- [Red Hat Security Advisory](https://access.redhat.com/security/cve/CVE-2023-5349)
- [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=2247064)
- [RMagick GitHub Issue](https://github.com/rmagick/rmagick/issues/1401)