Lack of data validation - Path Traversal In ghostscript
Description
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 alpine v3.18 | =10.0.0-r0 || =10.0.0-r1 || =10.0.0-r2 || =10.01.0-r0 || =10.01.0-r1 || =10.01.1-r0 || =10.01.1-r1 || =10.01.2-r0 || =10.02.0-r0 || =8.64-r0 || =8.70-r0 || =8.71-r0 || =8.71-r1 || =8.71-r2 || =8.71-r3 || =8.71-r4 || =9.00-r0 || =9.00-r1 || =9.00-r2 || =9.04-r0 || =9.05-r0 || =9.05-r1 || =9.06-r0 || =9.06-r1 || =9.06-r2 || =9.06-r3 || =9.07-r0 || =9.09-r0 || =9.09-r1 || =9.10-r0 || =9.10-r1 || =9.15-r0 || =9.15-r1 || =9.16-r0 || =9.16-r1 || =9.16-r2 || =9.18-r0 || =9.19-r0 || =9.19-r1 || =9.20-r0 || =9.20-r1 || =9.21-r0 || =9.21-r1 || =9.21-r2 || =9.21-r3 || =9.22-r0 || =9.24-r0 || =9.25-r0 || =9.25-r1 || =9.26-r0 || =9.26-r1 || =9.26-r2 || =9.27-r0 || =9.27-r1 || =9.27-r2 || =9.27-r3 || =9.27-r4 || =9.50-r0 || =9.51-r0 || =9.52-r0 || =9.53.1-r0 || =9.53.2-r0 || =9.53.3-r0 || =9.54.0-r0 || =9.54.0-r1 || =9.55.0-r0 || =9.56.1-r0 || >=0 <10.04.0-r0 | 10.04.0-r0 | |
 debian 12 | =10.0.0~dfsg-11 || =10.0.0~dfsg-11+deb12u1 || =10.0.0~dfsg-11+deb12u2 || =10.0.0~dfsg-11+deb12u3 || =10.0.0~dfsg-11+deb12u4 || =10.0.0~dfsg-11+deb12u5 || >=0 <10.0.0~dfsg-11+deb12u6 | 10.0.0~dfsg-11+deb12u6 | |
alpine v3.19 | =10.0.0-r0 || =10.0.0-r1 || =10.0.0-r2 || =10.01.0-r0 || =10.01.0-r1 || =10.01.1-r0 || =10.01.1-r1 || =10.01.1-r2 || =10.01.2-r0 || =10.02.0-r0 || =10.02.0-r1 || =10.02.1-r0 || =10.03.1-r0 || =8.64-r0 || =8.70-r0 || =8.71-r0 || =8.71-r1 || =8.71-r2 || =8.71-r3 || =8.71-r4 || =9.00-r0 || =9.00-r1 || =9.00-r2 || =9.04-r0 || =9.05-r0 || =9.05-r1 || =9.06-r0 || =9.06-r1 || =9.06-r2 || =9.06-r3 || =9.07-r0 || =9.09-r0 || =9.09-r1 || =9.10-r0 || =9.10-r1 || =9.15-r0 || =9.15-r1 || =9.16-r0 || =9.16-r1 || =9.16-r2 || =9.18-r0 || =9.19-r0 || =9.19-r1 || =9.20-r0 || =9.20-r1 || =9.21-r0 || =9.21-r1 || =9.21-r2 || =9.21-r3 || =9.22-r0 || =9.24-r0 || =9.25-r0 || =9.25-r1 || =9.26-r0 || =9.26-r1 || =9.26-r2 || =9.27-r0 || =9.27-r1 || =9.27-r2 || =9.27-r3 || =9.27-r4 || =9.50-r0 || =9.51-r0 || =9.52-r0 || =9.53.1-r0 || =9.53.2-r0 || =9.53.3-r0 || =9.54.0-r0 || =9.54.0-r1 || =9.55.0-r0 || =9.56.1-r0 || >=0 <10.04.0-r0 | 10.04.0-r0 | |
alpine v3.21 | =10.0.0-r0 || =10.0.0-r1 || =10.0.0-r2 || =10.01.0-r0 || =10.01.0-r1 || =10.01.1-r0 || =10.01.1-r1 || =10.01.1-r2 || =10.01.2-r0 || =10.02.0-r0 || =10.02.0-r1 || =10.02.1-r0 || =10.03.1-r0 || =8.64-r0 || =8.70-r0 || =8.71-r0 || =8.71-r1 || =8.71-r2 || =8.71-r3 || =8.71-r4 || =9.00-r0 || =9.00-r1 || =9.00-r2 || =9.04-r0 || =9.05-r0 || =9.05-r1 || =9.06-r0 || =9.06-r1 || =9.06-r2 || =9.06-r3 || =9.07-r0 || =9.09-r0 || =9.09-r1 || =9.10-r0 || =9.10-r1 || =9.15-r0 || =9.15-r1 || =9.16-r0 || =9.16-r1 || =9.16-r2 || =9.18-r0 || =9.19-r0 || =9.19-r1 || =9.20-r0 || =9.20-r1 || =9.21-r0 || =9.21-r1 || =9.21-r2 || =9.21-r3 || =9.22-r0 || =9.24-r0 || =9.25-r0 || =9.25-r1 || =9.26-r0 || =9.26-r1 || =9.26-r2 || =9.27-r0 || =9.27-r1 || =9.27-r2 || =9.27-r3 || =9.27-r4 || =9.50-r0 || =9.51-r0 || =9.52-r0 || =9.53.1-r0 || =9.53.2-r0 || =9.53.3-r0 || =9.54.0-r0 || =9.54.0-r1 || =9.55.0-r0 || =9.56.1-r0 || >=0 <10.04.0-r0 | 10.04.0-r0 | |
alpine v3.22 | =10.0.0-r0 || =10.0.0-r1 || =10.0.0-r2 || =10.01.0-r0 || =10.01.0-r1 || =10.01.1-r0 || =10.01.1-r1 || =10.01.1-r2 || =10.01.2-r0 || =10.02.0-r0 || =10.02.0-r1 || =10.02.1-r0 || =10.03.1-r0 || =8.64-r0 || =8.70-r0 || =8.71-r0 || =8.71-r1 || =8.71-r2 || =8.71-r3 || =8.71-r4 || =9.00-r0 || =9.00-r1 || =9.00-r2 || =9.04-r0 || =9.05-r0 || =9.05-r1 || =9.06-r0 || =9.06-r1 || =9.06-r2 || =9.06-r3 || =9.07-r0 || =9.09-r0 || =9.09-r1 || =9.10-r0 || =9.10-r1 || =9.15-r0 || =9.15-r1 || =9.16-r0 || =9.16-r1 || =9.16-r2 || =9.18-r0 || =9.19-r0 || =9.19-r1 || =9.20-r0 || =9.20-r1 || =9.21-r0 || =9.21-r1 || =9.21-r2 || =9.21-r3 || =9.22-r0 || =9.24-r0 || =9.25-r0 || =9.25-r1 || =9.26-r0 || =9.26-r1 || =9.26-r2 || =9.27-r0 || =9.27-r1 || =9.27-r2 || =9.27-r3 || =9.27-r4 || =9.50-r0 || =9.51-r0 || =9.52-r0 || =9.53.1-r0 || =9.53.2-r0 || =9.53.3-r0 || =9.54.0-r0 || =9.54.0-r1 || =9.55.0-r0 || =9.56.1-r0 || >=0 <10.04.0-r0 | 10.04.0-r0 | |
alpine v3.20 | =10.0.0-r0 || =10.0.0-r1 || =10.0.0-r2 || =10.01.0-r0 || =10.01.0-r1 || =10.01.1-r0 || =10.01.1-r1 || =10.01.1-r2 || =10.01.2-r0 || =10.02.0-r0 || =10.02.0-r1 || =10.02.1-r0 || =10.03.1-r0 || =8.64-r0 || =8.70-r0 || =8.71-r0 || =8.71-r1 || =8.71-r2 || =8.71-r3 || =8.71-r4 || =9.00-r0 || =9.00-r1 || =9.00-r2 || =9.04-r0 || =9.05-r0 || =9.05-r1 || =9.06-r0 || =9.06-r1 || =9.06-r2 || =9.06-r3 || =9.07-r0 || =9.09-r0 || =9.09-r1 || =9.10-r0 || =9.10-r1 || =9.15-r0 || =9.15-r1 || =9.16-r0 || =9.16-r1 || =9.16-r2 || =9.18-r0 || =9.19-r0 || =9.19-r1 || =9.20-r0 || =9.20-r1 || =9.21-r0 || =9.21-r1 || =9.21-r2 || =9.21-r3 || =9.22-r0 || =9.24-r0 || =9.25-r0 || =9.25-r1 || =9.26-r0 || =9.26-r1 || =9.26-r2 || =9.27-r0 || =9.27-r1 || =9.27-r2 || =9.27-r3 || =9.27-r4 || =9.50-r0 || =9.51-r0 || =9.52-r0 || =9.53.1-r0 || =9.53.2-r0 || =9.53.3-r0 || =9.54.0-r0 || =9.54.0-r1 || =9.55.0-r0 || =9.56.1-r0 || >=0 <10.04.0-r0 | 10.04.0-r0 | |
debian 11 | =9.53.3~dfsg-7 || =9.53.3~dfsg-7+deb11u1 || =9.53.3~dfsg-7+deb11u2 || =9.53.3~dfsg-7+deb11u3 || =9.53.3~dfsg-7+deb11u4 || =9.53.3~dfsg-7+deb11u5 || =9.53.3~dfsg-7+deb11u6 || =9.53.3~dfsg-7+deb11u7 || =9.53.3~dfsg-7+deb11u8 || >=0 <9.53.3~dfsg-7+deb11u9 | 9.53.3~dfsg-7+deb11u9 | |
debian 13 | >=0 <10.04.0~dfsg-1 | 10.04.0~dfsg-1 | |
debian 14 | >=0 <10.04.0~dfsg-1 | 10.04.0~dfsg-1 | |
 rpm rhel10 | <0:10.02.1-15.el10_0 | 0:10.02.1-15.el10_0 |
1-10 of 14
10
Does your application use this vulnerable software?
During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.