CVE Catalog
CVE-2023-39978
LowCVSS 3.3Exploitation Probability (EPSS)
Low risk0.31%
23th percentile — higher than 23% of all known CVEs
Summary
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
Risk Assessment
Attackers can exploit this vulnerability to exhaust memory resources, potentially leading to service unavailability for applications using ImageMagick.
Recommendation
It is recommended to upgrade ImageMagick to version 6.9.12-91 or later to mitigate the risk associated with this vulnerability.
Original NVD description (English source)
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.

