CVE-2024-29506

Public on 2024-07-03
Modified on 2024-07-07
Description
Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.
Severity
Medium severity
Medium
CVSS v3 Base Score
5.4
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 ghostscript Not Affected
Amazon Linux 2 - Core ghostscript Not Affected
Amazon Linux 2023 ghostscript 2024-08-01 ALAS2023-2024-692 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
NVD CVSSv3 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

References

Red Hat: CVE-2024-29506 Mitre: CVE-2024-29506