CVE-2024-46953

Published: Nov 10, 2024

Modified: Nov 3, 2025

PUBLISHED

Description

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.ghostscript.com/show_bug.cgi?id=707793

https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html

https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/

https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=1f21a45df0fa3abec4cff12951022b192dda3c00

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-46953

Description

Affected Products

References