ГлавнаяУязвимости → CVE-2024-46951
7.8высокая

CVE-2024-46951

→ есть в БДУ: BDU:2024-09419 (на русском)
Описание (на английском; русское — в БДУ выше)

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

Затрагиваемое ПО
Artifex GhostscriptDebian Debian linuxSuse Linux enterprise high performance computingSuse Linux enterprise serverSuse Linux enterprise server for sap
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://bugs.ghostscript.com/show_bug.cgi?id=707991https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.htmlhttps://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/https://lists.debian.org/debian-lts-announce/2024/11/msg00023.html