25 matches found
EUVD-2023-40608
Malicious code in bioql PyPI...
Exploit for Files or Directories Accessible to External Parties in Artifex Ghostscript
Ghostscript command injection vulnerability PoC CVE-2023-3666...
Fedora 39 : ghostscript (2023-b240ebd9aa)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b240ebd9aa advisory. Automatic update for ghostscript-10.01.2-1.fc39. Changelog Fri Jul 14 2023 Michael J Gruber - 10.01.2-1 - rebase to bugfix release 10.01.2 rhbz2182090 - fix...
ghostscript: vulnerable to OS command injection due to mishandles permission validation for pipe devices
A vulnerability was found in Ghostscript. This flaw occurs due to a mishandled permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2023-2809)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2023-1607 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2023-276)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-276 advisory. Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 Tenable has extracted the preceding descriptio...
CVE-2023-36664 - Artifex Ghostscript through 10.01.2 mishandles permission validation
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
Fedora 37 : ghostscript (2023-83c805b441)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-83c805b441 advisory. fix for CVE-2023-36664 rhbz2217805 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
SUSE-SU-2023:2844-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2023-36664: Fixed permission validation mishandling for pipe devices with the %pipe% prefix or the | pipe character prefix bsc1212711...
Fedora 38 : ghostscript (2023-d8a1c3e5e2)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d8a1c3e5e2 advisory. rebase to bugfix release 10.01.2 rhbz2182090 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
USN-6213-1 ghostscript vulnerability
It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...
USN-6213-1: Ghostscript vulnerability
It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...
Debian DSA-5446-1 : ghostscript - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5446 advisory. - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 Note tha...
CVE-2023-36664
A vulnerability was found in Ghostscript. This flaw occurs due to a mishandled permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
ALPINE-CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
UBUNTU-CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...