CVE-2023-5349: memory leak flaw was found in ruby-magick
(updated )
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
References
- access.redhat.com/security/cve/CVE-2023-5349
- bugzilla.redhat.com/show_bug.cgi?id=2247064
- github.com/advisories/GHSA-frgf-8jr5-j2jv
- github.com/rmagick/rmagick/commit/02f37ca0d6c2b8fff316e0668efa690f5c90a429
- github.com/rmagick/rmagick/commit/fec7a7e639ae565386f7615155dbcf49b957b64a
- github.com/rmagick/rmagick/issues/1401
- github.com/rmagick/rmagick/pull/1406
- nvd.nist.gov/vuln/detail/CVE-2023-5349
Code Behaviors & Features
Detect and mitigate CVE-2023-5349 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →