Описание
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 10.05.0dfsg1-0ubuntu2 |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | released | 9.50~dfsg-5ubuntu4.15+esm1 |
| esm-infra/xenial | not-affected | code not present |
| focal | ignored | end of standard support, was needs-triage |
| jammy | released | 9.55.0~dfsg1-0ubuntu5.12 |
| noble | released | 10.02.1~dfsg1-0ubuntu7.7 |
| oracular | released | 10.03.1~dfsg1-0ubuntu2.4 |
| plucky | released | 10.05.0dfsg1-0ubuntu1.1 |
| upstream | released | 10.05.1~dfsg-1 |
Показывать по
EPSS
4 Medium
CVSS3
Связанные уязвимости
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscri ...
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript through 10.05.0 lacks argument sanitization for the # case.
Уязвимость функции gs_lib_ctx_stash_sanitized_arg файла base/gslibctx.c набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
4 Medium
CVSS3