CVE-2023-5341

Imagemagick: heap use-after-free in coders/bmp.c

Published: 11/19/2023 Last updated: 11/20/2025 Reserved: 10/2/2023

A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Version	Score	Severity	Vector String
3.1	6.2	Medium	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Product	Vendor	Version
Red Hat Enterprise Linux 6	Red Hat	< V2.17.0
Red Hat Enterprise Linux 7	Red Hat	< V2.17.0

Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue.
Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue.