Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.
CVSS Details
- CVSS 3.1 Base Score: 6.3
- CVSS 3.1 Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Alma_linux | alma-upgrade-ghostscriptalma-upgrade-ghostscript-docalma-upgrade-ghostscript-tools-dvipdfalma-upgrade-ghostscript-tools-fontsalma-upgrade-ghostscript-tools-printingalma-upgrade-ghostscript-x11alma-upgrade-libgsalma-upgrade-libgs-devel | Sep 5, 2024 | Jul 3, 2024 | |
| Alpine Linux | alpine-linux-upgrade-ghostscript | Aug 22, 2024 | Jul 3, 2024 | |
| Amazon Linux Ami 2 | amazon-linux-ami-2-upgrade-ghostscriptamazon-linux-ami-2-upgrade-ghostscript-cupsamazon-linux-ami-2-upgrade-ghostscript-debuginfoamazon-linux-ami-2-upgrade-ghostscript-docamazon-linux-ami-2-upgrade-ghostscript-gtkamazon-linux-ami-2-upgrade-libgsamazon-linux-ami-2-upgrade-libgs-devel | Jul 23, 2024 | Jul 3, 2024 | |
| Amazon_linux_2023 | amazon-linux-2023-upgrade-ghostscriptamazon-linux-2023-upgrade-ghostscript-debuginfoamazon-linux-2023-upgrade-ghostscript-debugsourceamazon-linux-2023-upgrade-ghostscript-docamazon-linux-2023-upgrade-ghostscript-gtkamazon-linux-2023-upgrade-ghostscript-gtk-debuginfoamazon-linux-2023-upgrade-ghostscript-tools-dvipdfamazon-linux-2023-upgrade-ghostscript-tools-fontsamazon-linux-2023-upgrade-ghostscript-tools-printingamazon-linux-2023-upgrade-ghostscript-x11amazon-linux-2023-upgrade-ghostscript-x11-debuginfoamazon-linux-2023-upgrade-libgsamazon-linux-2023-upgrade-libgs-debuginfoamazon-linux-2023-upgrade-libgs-devel | Feb 17, 2025 | May 16, 2024 | |
| Debian | debian-upgrade-ghostscript | May 17, 2024 | May 17, 2024 | |
| Gentoo Linux | gentoo-linux-upgrade-app-text-ghostscript-gpl | Sep 23, 2024 | Jul 3, 2024 | |
| Ghostscript | ghostscript-upgrade-latest | Nov 19, 2024 | Jul 3, 2024 | |
| Huawei Euleros 2_0_sp10 | huawei-euleros-2_0_sp10-upgrade-ghostscripthuawei-euleros-2_0_sp10-upgrade-ghostscript-help | Oct 8, 2024 | Jul 3, 2024 | |
| Huawei Euleros 2_0_sp9 | huawei-euleros-2_0_sp9-upgrade-ghostscripthuawei-euleros-2_0_sp9-upgrade-ghostscript-help | Oct 8, 2024 | Jul 3, 2024 | |
| Oracle_linux | — | oracle-linux-upgrade-ghostscriptoracle-linux-upgrade-ghostscript-docoracle-linux-upgrade-ghostscript-tools-dvipdforacle-linux-upgrade-ghostscript-tools-fontsoracle-linux-upgrade-ghostscript-tools-printingoracle-linux-upgrade-ghostscript-x11oracle-linux-upgrade-libgsoracle-linux-upgrade-libgs-devel | Oct 16, 2024 | May 16, 2024 |
| Redhat_linux | redhat-upgrade-ghostscriptredhat-upgrade-ghostscript-debuginforedhat-upgrade-ghostscript-debugsourceredhat-upgrade-ghostscript-docredhat-upgrade-ghostscript-gtk-debuginforedhat-upgrade-ghostscript-tools-dvipdfredhat-upgrade-ghostscript-tools-fontsredhat-upgrade-ghostscript-tools-printingredhat-upgrade-ghostscript-x11redhat-upgrade-ghostscript-x11-debuginforedhat-upgrade-libgsredhat-upgrade-libgs-debuginforedhat-upgrade-libgs-devel | Sep 10, 2024 | Jul 3, 2024 | |
| Rocky_linux | rocky-upgrade-ghostscriptrocky-upgrade-ghostscript-debuginforocky-upgrade-ghostscript-debugsourcerocky-upgrade-ghostscript-tools-dvipdfrocky-upgrade-ghostscript-tools-fontsrocky-upgrade-ghostscript-tools-printingrocky-upgrade-ghostscript-x11rocky-upgrade-ghostscript-x11-debuginforocky-upgrade-libgsrocky-upgrade-libgs-debuginforocky-upgrade-libgs-devel | May 8, 2025 | Jul 3, 2024 | |
| Suse | — | suse-upgrade-ghostscriptsuse-upgrade-ghostscript-develsuse-upgrade-ghostscript-x11 | Jul 3, 2024 | Jul 2, 2024 |
| Ubuntu | ubuntu-upgrade-ghostscriptubuntu-upgrade-ghostscript-docubuntu-upgrade-ghostscript-xubuntu-upgrade-libgs-commonubuntu-upgrade-libgs-devubuntu-upgrade-libgs10ubuntu-upgrade-libgs10-commonubuntu-upgrade-libgs9ubuntu-upgrade-libgs9-common | Jun 21, 2024 | Jun 17, 2024 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub