{"id":"CVE-2023-34153","details":"A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.","modified":"2026-04-02T09:02:31.815877Z","published":"2023-05-30T22:15:11.143Z","related":["CGA-f6rp-gq4w-9vpf","SUSE-SU-2023:2344-1","openSUSE-SU-2024:13263-1"],"references":[{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2023-34153"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2210660"},{"type":"FIX","url":"https://github.com/ImageMagick/ImageMagick/issues/6338"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/imagemagick/imagemagick","events":[{"introduced":"a5513da1b8559fc6789248b7d5afdc1b0bc672e1"},{"fixed":"11ffa6eb4548644a718158daa286295ed3174054"}],"database_specific":{"versions":[{"introduced":"7.1.0-1"},{"fixed":"7.1.1-11"}]}}],"versions":["7.1.0-1","7.1.0-10","7.1.0-11","7.1.0-12","7.1.0-13","7.1.0-14","7.1.0-15","7.1.0-16","7.1.0-17","7.1.0-18","7.1.0-19","7.1.0-2","7.1.0-20","7.1.0-21","7.1.0-22","7.1.0-23","7.1.0-24","7.1.0-25","7.1.0-26","7.1.0-27","7.1.0-28","7.1.0-29","7.1.0-3","7.1.0-30","7.1.0-31","7.1.0-32","7.1.0-33","7.1.0-34","7.1.0-35","7.1.0-36","7.1.0-37","7.1.0-38","7.1.0-39","7.1.0-4","7.1.0-40","7.1.0-41","7.1.0-42","7.1.0-43","7.1.0-44","7.1.0-45","7.1.0-46","7.1.0-47","7.1.0-48","7.1.0-49","7.1.0-5","7.1.0-50","7.1.0-51","7.1.0-52","7.1.0-53","7.1.0-54","7.1.0-55","7.1.0-56","7.1.0-57","7.1.0-58","7.1.0-59","7.1.0-6","7.1.0-60","7.1.0-61","7.1.0-62","7.1.0-7","7.1.0-8","7.1.0-9","7.1.1-0","7.1.1-1","7.1.1-10","7.1.1-2","7.1.1-3","7.1.1-4","7.1.1-5","7.1.1-6","7.1.1-7","7.1.1-8","7.1.1-9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34153.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"37"}]},{"events":[{"introduced":"0"},{"last_affected":"38"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}