Описание
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
A flaw was found in Artifex Ghostscript. This vulnerability may allow arbitrary code execution via a crafted PostScript document.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | ghostscript | Fix deferred | ||
| Red Hat Enterprise Linux 6 | ghostscript | Fix deferred | ||
| Red Hat Enterprise Linux 7 | ghostscript | Fix deferred | ||
| Red Hat Enterprise Linux 8 | ghostscript | Fix deferred | ||
| Red Hat Enterprise Linux 9 | ghostscript | Fix deferred |
Показывать по
Дополнительная информация
Статус:
2.9 Low
CVSS3
Связанные уязвимости
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscri ...
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript through 10.05.0 lacks argument sanitization for the # case.
Уязвимость функции gs_lib_ctx_stash_sanitized_arg файла base/gslibctx.c набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
2.9 Low
CVSS3