← Back

CVE-2023-5349

nvd nist
Published: Oct 30, 2023Modified: Jan 5, 2026

JSON object

Loading...
3.3
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Exploitability: 1.8 / Impact: 1.4
Source: NVD

Description

A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.

Affected (2)

Rmagick
1 product
Rmagick
Fedoraproject
1 product
Fedora
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Rmagick
Before 5.3.0
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Fedora
Version 37

Related CWEs

CWE-401
Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (12)

Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Issue TrackingThird Party Advisory
Source: secalert@redhat.com
ExploitIssue TrackingThird Party Advisory
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.