DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-33869

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-33869

CGA ID

CGA-gj9j-7pv9-pqq9

Description

An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename.

References

  • https://images.chainguard.dev/security/CGA-gj9j-7pv9-pqq9

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images