commit by to_remotes 2023-11-02 12:37:02 +0100 from vmdevac

bundle-audit-time.txt

@@ -1 +1 @@
-2023-11-01T12:10:21+01:00
+2023-11-02T12:37:02+01:00

bundle-audit.json

@@ -1 +1 @@
-{"version":"0.9.1","created_at":"2023-11-01 12:10:21 +0100","results":[]}
+{"version":"0.9.1","created_at":"2023-11-02 12:37:01 +0100","results":[{"type":"unpatched_gem","gem":{"name":"rmagick","version":"5.2.0"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/rmagick/CVE-2023-5349.yml","id":"CVE-2023-5349","url":"https://github.com/advisories/GHSA-frgf-8jr5-j2jv","title":"memory leak flaw was found in ruby-magick","date":"2023-10-30","description":"A memory leak flaw was found in ruby-magick, an interface between\nRuby and ImageMagick. This issue can lead to a denial of service\n(DOS) by memory exhaustion.\n","cvss_v2":null,"cvss_v3":5.3,"cve":"2023-5349","osvdb":null,"ghsa":"frgf-8jr5-j2jv","unaffected_versions":[],"patched_versions":[">= 5.3.0"],"criticality":"medium"}}]}

report.txt

@@ -1 +1,10 @@
-No vulnerabilities found
+Name: rmagick
+Version: 5.2.0
+CVE: CVE-2023-5349
+GHSA: GHSA-frgf-8jr5-j2jv
+Criticality: Medium
+URL: https://github.com/advisories/GHSA-frgf-8jr5-j2jv
+Title: memory leak flaw was found in ruby-magick
+Solution: upgrade to '>= 5.3.0'
+
+Vulnerabilities found!

update-info.txt

@@ -1,7 +1,11 @@
 Updating ruby-advisory-db ...
-Already up to date.
+Updating c558c02..a89b84a
+Fast-forward
+ gems/rmagick/CVE-2023-5349.yml | 26 ++++++++++++++++++++++++++
+ 1 file changed, 26 insertions(+)
+ create mode 100644 gems/rmagick/CVE-2023-5349.yml
 Updated ruby-advisory-db
 ruby-advisory-db:
-  advisories:	823 advisories
+  advisories:	824 advisories
-  last updated:	2023-10-26 06:16:25 -0700
+  last updated:	2023-11-01 05:10:39 -0700
-  commit:	c558c02eab7abeb5bea441ed644881098b6bd5e5
+  commit:	a89b84ace3631a4fc67a58a0433d8bc14d0c401d