Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2023-34475

A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service.

See the

CVE page on Mitre.org for more details.

References

MISC: https://access.redhat....
MISC: https://bugzilla.redha...
MISC: https://github.com/Ima...
FEDORA: FEDORA-2023-27548af422
FEDORA: FEDORA-2023-edbdccae2a

Launchpad.net

CVE 2023-34475

Related bugs

References