Ruby/rmagick/2.13.3
RMagick is an interface between Ruby and ImageMagick.
https://rubygems.org/gems/rmagick
MIT
2 Security Vulnerabilities
memory leak flaw was found in ruby-magick
Published date: 2023-10-30T21:33:39Z
CVE: CVE-2023-5349
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2023-5349
- https://github.com/rmagick/rmagick/issues/1401
- https://github.com/rmagick/rmagick/pull/1406
- https://access.redhat.com/security/cve/CVE-2023-5349
- https://bugzilla.redhat.com/show_bug.cgi?id=2247064
- https://github.com/rmagick/rmagick/commit/02f37ca0d6c2b8fff316e0668efa690f5c90a429
- https://github.com/rmagick/rmagick/commit/fec7a7e639ae565386f7615155dbcf49b957b64a
- https://github.com/advisories/GHSA-frgf-8jr5-j2jv
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rmagick/CVE-2023-5349.yml
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3XMQ2KWPYGT447EKPENGXXHKAQ5NUWF/
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
Affected versions:
["4.2.1", "4.2.0", "4.1.2", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.0.0", "3.2.0", "3.1.0", "3.0.0", "2.16.0", "2.15.4", "2.15.3", "2.15.2", "2.15.1", "2.15.0", "2.14.0", "2.13.4", "2.13.3", "2.13.3.rc1", "2.13.2", "2.13.1", "2.12.2", "2.12.1", "2.12.0", "2.11.1", "2.11.0", "2.10.0", "2.9.2", "2.9.1", "2.9.0", "2.8.0", "2.7.2", "2.7.1", "2.7.0", "2.6.0", "2.5.2", "2.5.1", "2.5.0", "2.4.0", "2.3.0", "2.2.2", "2.2.0", "2.1.0", "2.0.0", "1.15.17", "1.15.16", "1.15.15", "1.15.14", "1.15.13", "1.15.12", "1.15.11", "1.15.10", "1.15.9", "1.15.8", "1.15.7", "1.15.6", "1.15.5", "1.15.4", "1.15.3", "1.15.2", "1.15.1", "1.15.0", "1.14.1", "1.14.0", "1.13.0", "1.12.0", "1.11.1", "1.11.0", "1.10.1", "1.10.0", "1.9.3", "1.9.2", "1.9.1", "1.9.0", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.4", "1.7.3", "1.7.2", "1.7.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.2.6", "4.3.0", "5.0.0", "5.1.0", "5.2.0"]
Secure versions:
[5.3.0, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.5.0, 6.0.0, 6.0.1, 6.1.0, 6.1.1]
Recommendation:
Update to version 6.1.1.
memory leak flaw was found in ruby-magick
Published date: 2023-10-30
CVE: 2023-5349
CVSS V3: 5.3
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
Affected versions:
["4.2.1", "4.2.0", "4.1.2", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.0.0", "3.2.0", "3.1.0", "3.0.0", "2.16.0", "2.15.4", "2.15.3", "2.15.2", "2.15.1", "2.15.0", "2.14.0", "2.13.4", "2.13.3", "2.13.3.rc1", "2.13.2", "2.13.1", "2.12.2", "2.12.1", "2.12.0", "2.11.1", "2.11.0", "2.10.0", "2.9.2", "2.9.1", "2.9.0", "2.8.0", "2.7.2", "2.7.1", "2.7.0", "2.6.0", "2.5.2", "2.5.1", "2.5.0", "2.4.0", "2.3.0", "2.2.2", "2.2.0", "2.1.0", "2.0.0", "1.15.17", "1.15.16", "1.15.15", "1.15.14", "1.15.13", "1.15.12", "1.15.11", "1.15.10", "1.15.9", "1.15.8", "1.15.7", "1.15.6", "1.15.5", "1.15.4", "1.15.3", "1.15.2", "1.15.1", "1.15.0", "1.14.1", "1.14.0", "1.13.0", "1.12.0", "1.11.1", "1.11.0", "1.10.1", "1.10.0", "1.9.3", "1.9.2", "1.9.1", "1.9.0", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.4", "1.7.3", "1.7.2", "1.7.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.2.6", "4.3.0", "5.0.0", "5.1.0", "5.2.0"]
Secure versions:
[5.3.0, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.5.0, 6.0.0, 6.0.1, 6.1.0, 6.1.1]
Recommendation:
Update to version 6.1.1.
104 Other Versions
| Version | License | Security | Released | |
|---|---|---|---|---|
| 1.7.4 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.7.3 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.7.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.7.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |