发布于3月6日3月6日 Members Red Hat: CVE-2024-29510: ghostscript: format string injection leads to shell command execution (SAFER bypass) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 07/03/2024 Created 09/11/2024 Added 09/10/2024 Modified 09/13/2024 Description Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. Solution(s) redhat-upgrade-ghostscript redhat-upgrade-ghostscript-debuginfo redhat-upgrade-ghostscript-debugsource redhat-upgrade-ghostscript-doc redhat-upgrade-ghostscript-gtk-debuginfo redhat-upgrade-ghostscript-tools-dvipdf redhat-upgrade-ghostscript-tools-fonts redhat-upgrade-ghostscript-tools-printing redhat-upgrade-ghostscript-x11 redhat-upgrade-ghostscript-x11-debuginfo redhat-upgrade-libgs redhat-upgrade-libgs-debuginfo redhat-upgrade-libgs-devel References CVE-2024-29510 RHSA-2024:6197 RHSA-2024:6466
