A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2023-5349 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2247064 | Issue Tracking Third Party Advisory |
https://github.com/rmagick/rmagick/issues/1401 | Exploit Issue Tracking Third Party Advisory |
https://github.com/rmagick/rmagick/pull/1406 | Patch |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3XMQ2KWPYGT447EKPENGXXHKAQ5NUWF/ | |
https://access.redhat.com/security/cve/CVE-2023-5349 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2247064 | Issue Tracking Third Party Advisory |
https://github.com/rmagick/rmagick/issues/1401 | Exploit Issue Tracking Third Party Advisory |
https://github.com/rmagick/rmagick/pull/1406 | Patch |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3XMQ2KWPYGT447EKPENGXXHKAQ5NUWF/ |
Configurations
History
21 Nov 2024, 08:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-30 21:15
Updated : 2024-11-21 08:41
NVD link : CVE-2023-5349
Mitre link : CVE-2023-5349
CVE.ORG link : CVE-2023-5349
JSON object : View
Products Affected
rmagick
- rmagick
fedoraproject
- fedora
CWE
CWE-401
Missing Release of Memory after Effective Lifetime