Ghostscript vulnerability allows eexec seeds other than the Type 1 standard
CVE-2023-52722

5.5MEDIUM

Key Information:

Vendor: Artifex
Status: Ghostscript
Vendor: CVE Published:; 28 April 2024

Badges

📰 News Worthy

What is CVE-2023-52722?

An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard.

News Articles

Sentiguard

CVE-2023-52722 CVE-2024-29510

Kritische Sicherheitslücken in Ghostscript

In Ghostscript, einem Interpreter für PostScript und PDF, wurden mehrere kritische Sicherheitslücken behoben. Diese Schwachstellen betreffen verschiedene…

References

https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.gi...

http://www.openwall.com/lists/oss-security/2024/06/28/2

mailing-list

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by Sentiguard
Jun 21, 2024
Vulnerability published
Apr 28, 2024

CVE-2023-52722 Data

JSON