Описание
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
A flaw was found in Ghostscript/base/gp_utf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | ghostscript | Out of support scope | ||
| Red Hat Enterprise Linux 8 | gimp:flatpak/ghostscript | Will not fix | ||
| Red Hat Enterprise Linux 10 | ghostscript | Fixed | RHSA-2025:7499 | 13.05.2025 |
| Red Hat Enterprise Linux 8 | ghostscript | Fixed | RHSA-2025:4362 | 30.04.2025 |
| Red Hat Enterprise Linux 9 | ghostscript | Fixed | RHSA-2025:7422 | 13.05.2025 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
7.8 High
CVSS3
Связанные уязвимости
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Gh ...
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
7.8 High
CVSS3