Discovery API Icon
Discovery API
Security Advisory Icon
Security Advisory
Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2024-29510

Published: May 10, 2024Last modified: August 19, 2024

Description

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.

Severity score breakdown

ParameterValue
Base score6.3
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredNONE
User interactionREQUIRED
ScopeCHANGED
ConfidentialityHIGH
Integrity impactNONE
Availability impactNONE
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSghostscriptFixed (10.01.2-r2)
StreamghostscriptFixed (10.03.1-r0)

References

ON THIS PAGE