CVE-2023-5349

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions ruby-magick (affected versions not specified)

Description The issue is related to memory leak errors in the ruby-magick interface between Ruby and the ImageMagick library. This can lead to a denial of service (DOS) by memory exhaustion, potentially allowing a remote attacker to cause a service disruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Leak

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-400

Related Identifiers

BDU:2024-01876

CVE-2023-5349

DLA-3625-1

DLA-4433-1

GHSA-FRGF-8JR5-J2JV

USN-6960-1

Affected Products

Debian

Imagemagick

Linuxmint

Ubuntu

Ruby-Magick

CVE-2023-5349

Weakness Enumeration

Related Identifiers

Affected Products

References · 27