Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-36664HistoryJun 25, 2023 - 10:15 p.m.
CVE-2023-36664
2023-06-2522:15:21
Alpine Linux Development Team
security.alpinelinux.org
94
artifex ghostscript
permission validation
pipe devices
unix
cve-2023-36664
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.4%
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.17-main | noarch | ghostscript | = 10.01.2-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | ghostscript | < 9.55.0-r2 | UNKNOWN |
| Alpine | 3.16-main | noarch | ghostscript | < 9.56.1-r2 | UNKNOWN |
Related
nessus
nessus
Artifex Ghostscript < 10.01.2 Security Bypass
2023-06-30 00:00:00
Rocky Linux 9 : ghostscript (RLSA-2023:5459)
2023-10-06 00:00:00
githubexploit
githubexploit
Exploit for CVE-2023-36664
2024-04-09 22:05:29
Exploit for CVE-2023-36664
2023-08-29 14:01:49
Exploit for CVE-2023-36664
2023-12-02 10:28:10
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2844-1)
2023-07-17 00:00:00
Debian: Security Advisory (DSA-5446-1)
2023-07-04 00:00:00
Fedora: Security Advisory for ghostscript (FEDORA-2023-83c805b441)
2023-07-26 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: ghostscript-10.01.2-1.fc38
2023-07-16 01:27:12
[SECURITY] Fedora 37 Update: ghostscript-9.56.1-8.fc37
2023-07-23 01:24:49
osv
osv
CVE-2023-36664
2023-06-25 22:15:21
Important: ghostscript security update
2023-10-06 22:58:14
CGA-fggx-v5hp-6cc5
2024-06-06 12:25:54
slackware
slackware
[slackware-security] ghostscript
2024-03-07 20:46:46
oraclelinux
oraclelinux
ghostscript security update
2023-10-06 00:00:00
prion
prion
Design/Logic Flaw
2023-06-25 22:15:00
amazon
amazon
Important: ghostscript
2024-05-09 19:16:00
cvelist
cvelist
CVE-2023-36664
2023-06-25 00:00:00
nvd
nvd
CVE-2023-36664
2023-06-25 22:15:21
debiancve
debiancve
CVE-2023-36664
2023-06-25 22:15:21
redhatcve
redhatcve
CVE-2023-36664
2023-06-27 06:47:22
redhat
redhat
(RHSA-2023:4324) Important: ghostscript security update
2023-07-31 08:17:10
(RHSA-2023:5459) Important: ghostscript security update
2023-10-05 10:11:33
veracode
veracode
Improper Input Validation
2023-07-19 23:22:53
redos
redos
ROS-20230911-05
2023-09-11 00:00:00
almalinux
almalinux
Important: ghostscript security update
2023-10-05 00:00:00
rocky
rocky
ghostscript security update
2023-10-06 22:58:14
rosalinux
rosalinux
Advisory ROSA-SA-2023-2318
2023-12-26 12:01:06
cve
cve
CVE-2023-36664
2023-06-25 22:15:21
ubuntucve
ubuntucve
CVE-2023-36664
2023-06-25 00:00:00
debian
debian
[SECURITY] [DSA 5446-1] ghostscript security update
2023-07-03 20:10:41
ubuntu
ubuntu
Ghostscript vulnerability
2023-07-10 00:00:00
mageia
mageia
Updated ghostscript packages fix security vulnerability
2023-09-11 16:07:54
gentoo
gentoo
GPL Ghostscript: Multiple Vulnerabilities
2023-09-17 00:00:00
thn
thn
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.4%
Related for ALPINE:CVE-2023-36664