Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-4042

Опубликовано: 23 авг. 2023
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

Отчет

CVE-2020-16305 affected Red Hat Enterprise Linux 6, 7, and 8, but was only intended to be fixed in Red Hat Enterprise Linux 8. (https://access.redhat.com/errata/RHSA-2021:1852 (Red Hat Enterprise Linux 8.4) That errata provided updates for ghostscript packages, but did not include fixes for CVE-2020-16305 as it was claimed. For more details about the original security issue CVE-2020-16305, refer to the CVE page: https://access.redhat.com/security/cve/CVE-2020-16305.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6ghostscriptNot affected
Red Hat Enterprise Linux 7ghostscriptNot affected
Red Hat Enterprise Linux 8gimp:flatpak/ghostscriptAffected
Red Hat Enterprise Linux 9ghostscriptNot affected
Red Hat Enterprise Linux 8ghostscriptFixedRHSA-2023:705314.11.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2228151ghostscript: Incomplete fix for CVE-2020-16305

EPSS

Процентиль: 6%
0.00027
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-4042

CVSS3: 5.5
ubuntu
почти 2 года назад

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

nvd логотип

CVE-2023-4042

CVSS3: 5.5
nvd
почти 2 года назад

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

debian логотип

CVE-2023-4042

CVSS3: 5.5
debian
почти 2 года назад

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostsc ...

github логотип

GHSA-jgj3-64jr-4g3x

CVSS3: 5.5
github
почти 2 года назад

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

fstec логотип

BDU:2024-01903

CVSS3: 5.5
fstec
почти 2 года назад

Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript для операционной системы Red Hat Enterprise Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 6%
0.00027
Низкий

5.5 Medium

CVSS3