Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2024-29508

Published: July 4, 2024Last modified: June 17, 2025

Description

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.

Severity score breakdown

ParameterValue
Base score3.3
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityLOW
Integrity impactNONE
Availability impactNONE
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSghostscriptVulnerable (10.0.0-r0)
StreamghostscriptFixed (10.03.1-r0)

References

ON THIS PAGE