PT-2023-8777 · Unknown+3 · Imagemagick+4

Bastien-Roucaries

Publicado

2023-10-22

Atualizado

2026-01-06

CVE-2023-5349

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions ruby-magick (affected versions not specified)

Description The issue is related to memory leak errors in the ruby-magick interface between Ruby and the ImageMagick library. This can lead to a denial of service (DOS) by memory exhaustion, potentially allowing a remote attacker to cause a service disruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Leak

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401CWE-400

Identificadores relacionados

BDU:2024-01876

CVE-2023-5349

DLA-3625-1

DLA-4433-1

GHSA-FRGF-8JR5-J2JV

USN-6960-1

Produtos afetados

Debian

Imagemagick

Linuxmint

Ubuntu

Ruby-Magick

PT-2023-8777 · Unknown+3 · Imagemagick+4

CVE-2023-5349

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 27