Ruby/rmagick/3.1.0
RMagick is an interface between Ruby and ImageMagick.
https://rubygems.org/gems/rmagick
MIT
2 Security Vulnerabilities
memory leak flaw was found in ruby-magick
Published date: 2023-10-30T21:33:39Z
CVE: CVE-2023-5349
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2023-5349
- https://github.com/rmagick/rmagick/issues/1401
- https://github.com/rmagick/rmagick/pull/1406
- https://access.redhat.com/security/cve/CVE-2023-5349
- https://bugzilla.redhat.com/show_bug.cgi?id=2247064
- https://github.com/rmagick/rmagick/commit/02f37ca0d6c2b8fff316e0668efa690f5c90a429
- https://github.com/rmagick/rmagick/commit/fec7a7e639ae565386f7615155dbcf49b957b64a
- https://github.com/advisories/GHSA-frgf-8jr5-j2jv
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rmagick/CVE-2023-5349.yml
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3XMQ2KWPYGT447EKPENGXXHKAQ5NUWF/
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
Affected versions:
["4.2.1", "4.2.0", "4.1.2", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.0.0", "3.2.0", "3.1.0", "3.0.0", "2.16.0", "2.15.4", "2.15.3", "2.15.2", "2.15.1", "2.15.0", "2.14.0", "2.13.4", "2.13.3", "2.13.3.rc1", "2.13.2", "2.13.1", "2.12.2", "2.12.1", "2.12.0", "2.11.1", "2.11.0", "2.10.0", "2.9.2", "2.9.1", "2.9.0", "2.8.0", "2.7.2", "2.7.1", "2.7.0", "2.6.0", "2.5.2", "2.5.1", "2.5.0", "2.4.0", "2.3.0", "2.2.2", "2.2.0", "2.1.0", "2.0.0", "1.15.17", "1.15.16", "1.15.15", "1.15.14", "1.15.13", "1.15.12", "1.15.11", "1.15.10", "1.15.9", "1.15.8", "1.15.7", "1.15.6", "1.15.5", "1.15.4", "1.15.3", "1.15.2", "1.15.1", "1.15.0", "1.14.1", "1.14.0", "1.13.0", "1.12.0", "1.11.1", "1.11.0", "1.10.1", "1.10.0", "1.9.3", "1.9.2", "1.9.1", "1.9.0", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.4", "1.7.3", "1.7.2", "1.7.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.2.6", "4.3.0", "5.0.0", "5.1.0", "5.2.0"]
Secure versions:
[5.3.0, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.5.0, 6.0.0, 6.0.1, 6.1.0, 6.1.1]
Recommendation:
Update to version 6.1.1.
memory leak flaw was found in ruby-magick
Published date: 2023-10-30
CVE: 2023-5349
CVSS V3: 5.3
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
Affected versions:
["4.2.1", "4.2.0", "4.1.2", "4.1.1", "4.1.0", "4.1.0.rc2", "4.1.0.rc1", "4.0.0", "3.2.0", "3.1.0", "3.0.0", "2.16.0", "2.15.4", "2.15.3", "2.15.2", "2.15.1", "2.15.0", "2.14.0", "2.13.4", "2.13.3", "2.13.3.rc1", "2.13.2", "2.13.1", "2.12.2", "2.12.1", "2.12.0", "2.11.1", "2.11.0", "2.10.0", "2.9.2", "2.9.1", "2.9.0", "2.8.0", "2.7.2", "2.7.1", "2.7.0", "2.6.0", "2.5.2", "2.5.1", "2.5.0", "2.4.0", "2.3.0", "2.2.2", "2.2.0", "2.1.0", "2.0.0", "1.15.17", "1.15.16", "1.15.15", "1.15.14", "1.15.13", "1.15.12", "1.15.11", "1.15.10", "1.15.9", "1.15.8", "1.15.7", "1.15.6", "1.15.5", "1.15.4", "1.15.3", "1.15.2", "1.15.1", "1.15.0", "1.14.1", "1.14.0", "1.13.0", "1.12.0", "1.11.1", "1.11.0", "1.10.1", "1.10.0", "1.9.3", "1.9.2", "1.9.1", "1.9.0", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.4", "1.7.3", "1.7.2", "1.7.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.2.6", "4.3.0", "5.0.0", "5.1.0", "5.2.0"]
Secure versions:
[5.3.0, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.5.0, 6.0.0, 6.0.1, 6.1.0, 6.1.1]
Recommendation:
Update to version 6.1.1.
104 Other Versions
| Version | License | Security | Released | |
|---|---|---|---|---|
| 6.1.1 | MIT | 2025-02-01 - 08:23 | 3 months | |
| 6.1.0 | MIT | 2025-01-18 - 05:33 | 4 months | |
| 6.0.1 | MIT | 2024-05-15 - 02:53 | 12 months | |
| 6.0.0 | MIT | 2024-05-02 - 14:46 | about 1 year | |
| 5.5.0 | MIT | 2024-04-06 - 19:29 | about 1 year | |
| 5.4.4 | MIT | 2024-02-15 - 23:35 | about 1 year | |
| 5.4.3 | MIT | 2024-02-14 - 00:05 | about 1 year | |
| 5.4.2 | MIT | 2024-02-11 - 18:05 | about 1 year | |
| 5.4.1 | MIT | 2024-02-05 - 20:22 | over 1 year | |
| 5.4.0 | MIT | 2024-02-04 - 19:52 | over 1 year | |
| 5.3.0 | MIT | 2023-07-19 - 17:37 | almost 2 years | |
| 5.2.0 | MIT | 2 | 2023-03-12 - 18:45 | about 2 years |
| 5.1.0 | MIT | 2 | 2022-11-15 - 03:52 | over 2 years |
| 5.0.0 | MIT | 2 | 2022-10-06 - 19:05 | over 2 years |
| 4.3.0 | MIT | 2 | 2022-09-23 - 21:58 | over 2 years |
| 4.2.6 | MIT | 2 | 2022-07-15 - 16:57 | almost 3 years |
| 4.2.5 | MIT | 2 | 2022-04-06 - 02:59 | about 3 years |
| 4.2.4 | MIT | 2 | 2021-12-27 - 03:43 | over 3 years |
| 4.2.3 | MIT | 2 | 2021-10-10 - 17:50 | over 3 years |
| 4.2.2 | MIT | 2 | 2021-02-24 - 01:32 | about 4 years |
| 4.2.1 | MIT | 2 | 2021-02-08 - 05:16 | about 4 years |
| 4.2.0 | MIT | 2 | 2021-02-05 - 19:02 | over 4 years |
| 4.1.2 | MIT | 2 | 2020-04-13 - 15:22 | about 5 years |
| 4.1.1 | MIT | 2 | 2020-03-28 - 05:15 | about 5 years |
| 4.1.0 | MIT | 2 | 2020-03-22 - 15:55 | about 5 years |
| 4.1.0.rc2 | MIT | 2 | 2019-09-17 - 17:12 | over 5 years |
| 4.1.0.rc1 | MIT | 2 | 2019-09-12 - 17:34 | over 5 years |
| 4.0.0 | MIT | 2 | 2019-07-11 - 18:08 | almost 6 years |
| 3.2.0 | MIT | 2 | 2019-06-16 - 15:57 | almost 6 years |
| 3.1.0 | MIT | 2 | 2019-04-15 - 05:55 | about 6 years |
| 3.0.0 | MIT | 2 | 2019-02-16 - 00:22 | about 6 years |
| 2.16.0 | MIT | 2 | 2016-08-15 - 09:12 | over 8 years |
| 2.15.4 | MIT | 2 | 2015-08-14 - 18:06 | over 9 years |
| 2.15.3 | MIT | 2 | 2015-07-21 - 16:33 | almost 10 years |
| 2.15.2 | MIT | 2 | 2015-06-02 - 15:09 | almost 10 years |
| 2.15.1 | MIT | 2 | 2015-05-30 - 14:21 | almost 10 years |
| 2.15.0 | MIT | 2 | 2015-04-28 - 11:44 | about 10 years |
| 2.14.0 | MIT | 2 | 2015-03-31 - 09:11 | about 10 years |
| 2.13.4 | MIT | 2 | 2014-11-26 - 04:23 | over 10 years |
| 2.13.3 | MIT | 2 | 2014-08-01 - 02:32 | almost 11 years |
| 2.13.3.rc1 | MIT | 2 | 2014-07-27 - 23:21 | almost 11 years |
| 2.13.2 | UNKNOWN | 2 | 2013-02-03 - 19:50 | over 12 years |
| 2.13.1 | UNKNOWN | 2 | 2010-04-05 - 20:34 | about 15 years |
| 2.12.2 | UNKNOWN | 2 | 2009-10-11 - 01:10 | over 15 years |
| 2.12.1 | UNKNOWN | 2 | 2009-10-06 - 10:28 | over 15 years |
| 2.12.0 | UNKNOWN | 2 | 2009-10-05 - 10:20 | over 15 years |
| 2.11.1 | UNKNOWN | 2 | 2009-09-24 - 22:23 | over 15 years |
| 2.11.0 | UNKNOWN | 2 | 2009-08-05 - 13:32 | almost 16 years |
| 2.10.0 | UNKNOWN | 2 | 2009-08-05 - 13:32 | almost 16 years |
| 2.9.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.9.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.9.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.8.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.7.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.7.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.7.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.6.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.5.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.5.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.5.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.4.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.3.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.2.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.2.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.1.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 2.0.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.17 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.16 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.15 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.14 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.13 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.12 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.11 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.10 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.9 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.8 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.7 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.6 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.5 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.4 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.3 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.15.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.14.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.14.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.13.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.12.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.11.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.11.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.10.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.10.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.9.3 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.9.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.9.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.9.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.8.3 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.8.2 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.8.1 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |
| 1.8.0 | UNKNOWN | 2 | 2009-07-25 - 17:57 | almost 16 years |