31 matches found
MiracleLinux 9 : ghostscript-9.54.0-10.el9 (AXSA:2023-6481:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6481:03 advisory. ghostscript: vulnerable to OS command injection due to mishandles permission validation for pipe devices CVE-2023-36664 Tenable has extracted the preceding...
Alibaba Cloud Linux 3 : 0127: ghostscript (ALINUX3-SA-2023:0127)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0127 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-36664: Artifex Ghostscript through 10.01.2...
Fedora: Security Advisory (FEDORA-2023-b240ebd9aa)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : ghostscript (ALAS-2024-2544)
The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2544 advisory. Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe...
Exploit for Files or Directories Accessible to External Parties in Artifex Ghostscript
Ghostscript command injection vulnerability PoC CVE-2023-3666...
EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2023-2809)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2023-2895)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2023-2785)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
Advisory ROSA-SA-2023-2318
software: ghostscript 9.54.0 OS: ROSA-CHROME packageevrstring: ghostscript-9.54.0-9.src.rpm CVE-ID: CVE-2023-36664 BDU-ID: 2023-03466 CVE-Crit: HIGH CVE-DESC.: A vulnerability exists in the Ghostscript document processing, conversion, and generation software suite due to failure to take measures ...
Exploit for Files or Directories Accessible to External Parties in Artifex Ghostscript
CVE-2023-36664 : Ghostscript remote code execution Proof of c...
ghostscript security update
9.54.0-14 - fix for CVE-2023-43115 - Resolves: RHEL-10184 9.54.0-13 - fix for CVE-2023-38559 - Resolves: rhbz2224372 9.54.0-12 - fix for CVE-2023-36664 - Resolves: rhbz2217810...
ghostscript security and bug fix update
9.54.0-13 - fix for CVE-2023-38559 - Resolves: rhbz2224372 9.54.0-12 - fix for CVE-2023-36664 - Resolves: rhbz2217810...
Fedora 39 : ghostscript (2023-b240ebd9aa)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b240ebd9aa advisory. Automatic update for ghostscript-10.01.2-1.fc39. Changelog Fri Jul 14 2023 Michael J Gruber - 10.01.2-1 - rebase to bugfix release 10.01.2 rhbz2182090 - fix...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2023-2895)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ghostscript security update
9.54.0-10 - fix for CVE-2023-36664 - Resolves: rhbz2217798...
Oracle Linux 9 : ghostscript (ELSA-2023-5459)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5459 advisory. - fix for CVE-2023-36664 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...
Important: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: vulnerable to OS command injection due to mishandles permission validatio...
Mageia: Security Advisory (MGASA-2023-0260)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2023-1604 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal...
Important: Red Hat Security Advisory: ghostscript security update
An update for ghostscript is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...