Описание
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 10.05.0dfsg1-0ubuntu1 |
| esm-infra/bionic | not-affected | windows specific |
| esm-infra/focal | not-affected | windows specific |
| esm-infra/xenial | not-affected | windows specific |
| focal | not-affected | windows specific |
| jammy | not-affected | windows specific |
| noble | not-affected | windows specific |
| oracular | not-affected | windows specific |
| upstream | released | 10.05.0~dfsg-1 |
Показывать по
Ссылки на источники
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.
An issue was discovered in Artifex Ghostscript before 10.05.0. Access ...
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.
Уязвимость функции gp_open_scratch_file_impl() файлов base/gp_mswin.c и base/winrtsup.cpp набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю читать произвольные файлы
EPSS
9.8 Critical
CVSS3