csaf_suse - suse-su-2024:3942-1

suse-su-2024:3942-1

Vulnerability from csaf_suse

Published

2024-11-07 10:11

Modified

2024-11-07 10:11

Summary

Security update for ghostscript

Notes

Title of the patch

Security update for ghostscript

Description of the patch

This update for ghostscript fixes the following issues: - CVE-2024-46951: Fixed arbitrary code execution via unchecked 'Implementation' pointer in 'Pattern' color space (bsc#1232265). - CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path traversal, code execution (bsc#1232267). - CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall (bsc#1232270). - CVE-2024-46955: Fixed out of bounds read when reading color in 'Indexed' color space (bsc#1232269).

Patchnames

SUSE-2024-3942,SUSE-SLE-SERVER-12-SP5-LTSS-2024-3942,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3942

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for ghostscript",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for ghostscript fixes the following issues:\n\n- CVE-2024-46951: Fixed arbitrary code execution via unchecked \u0027Implementation\u0027 pointer in \u0027Pattern\u0027 color space (bsc#1232265).\n- CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path traversal, code execution (bsc#1232267).\n- CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall (bsc#1232270).\n- CVE-2024-46955: Fixed out of bounds read when reading color in \u0027Indexed\u0027 color space (bsc#1232269).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-3942,SUSE-SLE-SERVER-12-SP5-LTSS-2024-3942,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3942",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3942-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:3942-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:3942-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019787.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232265",
        "url": "https://bugzilla.suse.com/1232265"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232267",
        "url": "https://bugzilla.suse.com/1232267"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232269",
        "url": "https://bugzilla.suse.com/1232269"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232270",
        "url": "https://bugzilla.suse.com/1232270"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46951 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46951/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46953 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46953/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46955 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46955/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46956 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46956/"
      }
    ],
    "title": "Security update for ghostscript",
    "tracking": {
      "current_release_date": "2024-11-07T10:11:48Z",
      "generator": {
        "date": "2024-11-07T10:11:48Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:3942-1",
      "initial_release_date": "2024-11-07T10:11:48Z",
      "revision_history": [
        {
          "date": "2024-11-07T10:11:48Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ghostscript-9.52-23.86.1.aarch64",
                "product": {
                  "name": "ghostscript-9.52-23.86.1.aarch64",
                  "product_id": "ghostscript-9.52-23.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-devel-9.52-23.86.1.aarch64",
                "product": {
                  "name": "ghostscript-devel-9.52-23.86.1.aarch64",
                  "product_id": "ghostscript-devel-9.52-23.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-9.52-23.86.1.aarch64",
                "product": {
                  "name": "ghostscript-mini-9.52-23.86.1.aarch64",
                  "product_id": "ghostscript-mini-9.52-23.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-devel-9.52-23.86.1.aarch64",
                "product": {
                  "name": "ghostscript-mini-devel-9.52-23.86.1.aarch64",
                  "product_id": "ghostscript-mini-devel-9.52-23.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-x11-9.52-23.86.1.aarch64",
                "product": {
                  "name": "ghostscript-x11-9.52-23.86.1.aarch64",
                  "product_id": "ghostscript-x11-9.52-23.86.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ghostscript-9.52-23.86.1.i586",
                "product": {
                  "name": "ghostscript-9.52-23.86.1.i586",
                  "product_id": "ghostscript-9.52-23.86.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-devel-9.52-23.86.1.i586",
                "product": {
                  "name": "ghostscript-devel-9.52-23.86.1.i586",
                  "product_id": "ghostscript-devel-9.52-23.86.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-9.52-23.86.1.i586",
                "product": {
                  "name": "ghostscript-mini-9.52-23.86.1.i586",
                  "product_id": "ghostscript-mini-9.52-23.86.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-devel-9.52-23.86.1.i586",
                "product": {
                  "name": "ghostscript-mini-devel-9.52-23.86.1.i586",
                  "product_id": "ghostscript-mini-devel-9.52-23.86.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-x11-9.52-23.86.1.i586",
                "product": {
                  "name": "ghostscript-x11-9.52-23.86.1.i586",
                  "product_id": "ghostscript-x11-9.52-23.86.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ghostscript-9.52-23.86.1.ppc64le",
                "product": {
                  "name": "ghostscript-9.52-23.86.1.ppc64le",
                  "product_id": "ghostscript-9.52-23.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-devel-9.52-23.86.1.ppc64le",
                "product": {
                  "name": "ghostscript-devel-9.52-23.86.1.ppc64le",
                  "product_id": "ghostscript-devel-9.52-23.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-9.52-23.86.1.ppc64le",
                "product": {
                  "name": "ghostscript-mini-9.52-23.86.1.ppc64le",
                  "product_id": "ghostscript-mini-9.52-23.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-devel-9.52-23.86.1.ppc64le",
                "product": {
                  "name": "ghostscript-mini-devel-9.52-23.86.1.ppc64le",
                  "product_id": "ghostscript-mini-devel-9.52-23.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-x11-9.52-23.86.1.ppc64le",
                "product": {
                  "name": "ghostscript-x11-9.52-23.86.1.ppc64le",
                  "product_id": "ghostscript-x11-9.52-23.86.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ghostscript-9.52-23.86.1.s390",
                "product": {
                  "name": "ghostscript-9.52-23.86.1.s390",
                  "product_id": "ghostscript-9.52-23.86.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-devel-9.52-23.86.1.s390",
                "product": {
                  "name": "ghostscript-devel-9.52-23.86.1.s390",
                  "product_id": "ghostscript-devel-9.52-23.86.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-9.52-23.86.1.s390",
                "product": {
                  "name": "ghostscript-mini-9.52-23.86.1.s390",
                  "product_id": "ghostscript-mini-9.52-23.86.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-devel-9.52-23.86.1.s390",
                "product": {
                  "name": "ghostscript-mini-devel-9.52-23.86.1.s390",
                  "product_id": "ghostscript-mini-devel-9.52-23.86.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-x11-9.52-23.86.1.s390",
                "product": {
                  "name": "ghostscript-x11-9.52-23.86.1.s390",
                  "product_id": "ghostscript-x11-9.52-23.86.1.s390"
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ghostscript-9.52-23.86.1.s390x",
                "product": {
                  "name": "ghostscript-9.52-23.86.1.s390x",
                  "product_id": "ghostscript-9.52-23.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-devel-9.52-23.86.1.s390x",
                "product": {
                  "name": "ghostscript-devel-9.52-23.86.1.s390x",
                  "product_id": "ghostscript-devel-9.52-23.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-9.52-23.86.1.s390x",
                "product": {
                  "name": "ghostscript-mini-9.52-23.86.1.s390x",
                  "product_id": "ghostscript-mini-9.52-23.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-devel-9.52-23.86.1.s390x",
                "product": {
                  "name": "ghostscript-mini-devel-9.52-23.86.1.s390x",
                  "product_id": "ghostscript-mini-devel-9.52-23.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-x11-9.52-23.86.1.s390x",
                "product": {
                  "name": "ghostscript-x11-9.52-23.86.1.s390x",
                  "product_id": "ghostscript-x11-9.52-23.86.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ghostscript-9.52-23.86.1.x86_64",
                "product": {
                  "name": "ghostscript-9.52-23.86.1.x86_64",
                  "product_id": "ghostscript-9.52-23.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-devel-9.52-23.86.1.x86_64",
                "product": {
                  "name": "ghostscript-devel-9.52-23.86.1.x86_64",
                  "product_id": "ghostscript-devel-9.52-23.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-9.52-23.86.1.x86_64",
                "product": {
                  "name": "ghostscript-mini-9.52-23.86.1.x86_64",
                  "product_id": "ghostscript-mini-9.52-23.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-mini-devel-9.52-23.86.1.x86_64",
                "product": {
                  "name": "ghostscript-mini-devel-9.52-23.86.1.x86_64",
                  "product_id": "ghostscript-mini-devel-9.52-23.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ghostscript-x11-9.52-23.86.1.x86_64",
                "product": {
                  "name": "ghostscript-x11-9.52-23.86.1.x86_64",
                  "product_id": "ghostscript-x11-9.52-23.86.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-9.52-23.86.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64"
        },
        "product_reference": "ghostscript-9.52-23.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-9.52-23.86.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le"
        },
        "product_reference": "ghostscript-9.52-23.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-9.52-23.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x"
        },
        "product_reference": "ghostscript-9.52-23.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-9.52-23.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64"
        },
        "product_reference": "ghostscript-9.52-23.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-devel-9.52-23.86.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64"
        },
        "product_reference": "ghostscript-devel-9.52-23.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-devel-9.52-23.86.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le"
        },
        "product_reference": "ghostscript-devel-9.52-23.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-devel-9.52-23.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x"
        },
        "product_reference": "ghostscript-devel-9.52-23.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-devel-9.52-23.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64"
        },
        "product_reference": "ghostscript-devel-9.52-23.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-x11-9.52-23.86.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64"
        },
        "product_reference": "ghostscript-x11-9.52-23.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-x11-9.52-23.86.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le"
        },
        "product_reference": "ghostscript-x11-9.52-23.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-x11-9.52-23.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x"
        },
        "product_reference": "ghostscript-x11-9.52-23.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-x11-9.52-23.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64"
        },
        "product_reference": "ghostscript-x11-9.52-23.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-9.52-23.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
          "product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64"
        },
        "product_reference": "ghostscript-9.52-23.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-devel-9.52-23.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
          "product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64"
        },
        "product_reference": "ghostscript-devel-9.52-23.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ghostscript-x11-9.52-23.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
          "product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
        },
        "product_reference": "ghostscript-x11-9.52-23.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-46951",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46951"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46951",
          "url": "https://www.suse.com/security/cve/CVE-2024-46951"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232173 for CVE-2024-46951",
          "url": "https://bugzilla.suse.com/1232173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232265 for CVE-2024-46951",
          "url": "https://bugzilla.suse.com/1232265"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-07T10:11:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-46951"
    },
    {
      "cve": "CVE-2024-46953",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46953"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46953",
          "url": "https://www.suse.com/security/cve/CVE-2024-46953"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232173 for CVE-2024-46953",
          "url": "https://bugzilla.suse.com/1232173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232267 for CVE-2024-46953",
          "url": "https://bugzilla.suse.com/1232267"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-07T10:11:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-46953"
    },
    {
      "cve": "CVE-2024-46955",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46955"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46955",
          "url": "https://www.suse.com/security/cve/CVE-2024-46955"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232173 for CVE-2024-46955",
          "url": "https://bugzilla.suse.com/1232173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232269 for CVE-2024-46955",
          "url": "https://bugzilla.suse.com/1232269"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-07T10:11:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-46955"
    },
    {
      "cve": "CVE-2024-46956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46956",
          "url": "https://www.suse.com/security/cve/CVE-2024-46956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232173 for CVE-2024-46956",
          "url": "https://bugzilla.suse.com/1232173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232270 for CVE-2024-46956",
          "url": "https://bugzilla.suse.com/1232270"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:ghostscript-x11-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-devel-9.52-23.86.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ghostscript-x11-9.52-23.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-07T10:11:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-46956"
    }
  ]
}

CVE-2024-46953 (GCVE-0-2024-46953)

Vulnerability from cvelistv5

Published

2024-11-10 00:00

Modified

2025-11-03 22:19

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Summary

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

References

URL

Tags

	https://bugs.ghostscript.com/show_bug.cgi?id=707793
	https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html
	https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/
	https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=1f21a45df0fa3abec4cff12951022b192dda3c00

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:artifex:ghostscript:10.04.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ghostscript",
            "vendor": "artifex",
            "versions": [
              {
                "status": "affected",
                "version": "10.04.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-46953",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T19:59:32.165336Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:19:56.551Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:19:52.060Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00023.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-10T21:14:20.813Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707793"
        },
        {
          "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html"
        },
        {
          "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/"
        },
        {
          "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=1f21a45df0fa3abec4cff12951022b192dda3c00"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-46953",
    "datePublished": "2024-11-10T00:00:00.000Z",
    "dateReserved": "2024-09-16T00:00:00.000Z",
    "dateUpdated": "2025-11-03T22:19:52.060Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-46951 (GCVE-0-2024-46951)

Vulnerability from cvelistv5

Published

2024-11-10 00:00

Modified

2025-11-03 22:19

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Summary

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

References

URL

Tags

	https://bugs.ghostscript.com/show_bug.cgi?id=707991
	https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html
	https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8
	https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:artifex:ghostscript:10.04.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ghostscript",
            "vendor": "artifex",
            "versions": [
              {
                "status": "affected",
                "version": "10.04.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-46951",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T19:59:49.348169Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-824",
                "description": "CWE-824 Access of Uninitialized Pointer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:22:36.377Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:19:50.582Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00023.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-10T21:08:22.555Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707991"
        },
        {
          "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html"
        },
        {
          "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8"
        },
        {
          "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-46951",
    "datePublished": "2024-11-10T00:00:00.000Z",
    "dateReserved": "2024-09-16T00:00:00.000Z",
    "dateUpdated": "2025-11-03T22:19:50.582Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-46956 (GCVE-0-2024-46956)

Vulnerability from cvelistv5

Published

2024-11-10 00:00

Modified

2025-11-03 22:19

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Summary

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

References

URL

Tags

	https://bugs.ghostscript.com/show_bug.cgi?id=707895
	https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html
	https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/
	https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f4151f12db32cd3ed26c24327de714bf2c3ed6ca

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:artifex:ghostscript:10.04.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ghostscript",
            "vendor": "artifex",
            "versions": [
              {
                "status": "affected",
                "version": "10.04.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-46956",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-31T03:55:57.518Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:19:54.977Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00023.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-10T21:23:15.906Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707895"
        },
        {
          "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html"
        },
        {
          "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/"
        },
        {
          "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f4151f12db32cd3ed26c24327de714bf2c3ed6ca"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-46956",
    "datePublished": "2024-11-10T00:00:00.000Z",
    "dateReserved": "2024-09-16T00:00:00.000Z",
    "dateUpdated": "2025-11-03T22:19:54.977Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-46955 (GCVE-0-2024-46955)

Vulnerability from cvelistv5

Published

2024-11-10 00:00

Modified

2025-11-03 22:19

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

Summary

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

References

URL

Tags

	https://bugs.ghostscript.com/show_bug.cgi?id=707990
	https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html
	https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/
	https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=85bd9d2f4b792fe67aef22f1a4117457461b8ba6

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:artifex:ghostscript:10.04.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ghostscript",
            "vendor": "artifex",
            "versions": [
              {
                "status": "affected",
                "version": "10.04.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-46955",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T19:58:59.187779Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:05:30.782Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:19:53.526Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00023.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-10T21:20:48.522Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707990"
        },
        {
          "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html"
        },
        {
          "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/"
        },
        {
          "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=85bd9d2f4b792fe67aef22f1a4117457461b8ba6"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-46955",
    "datePublished": "2024-11-10T00:00:00.000Z",
    "dateReserved": "2024-09-16T00:00:00.000Z",
    "dateUpdated": "2025-11-03T22:19:53.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2024:3942-1

Vulnerability from csaf_suse

CVE-2024-46953 (GCVE-0-2024-46953)

Vulnerability from cvelistv5

CVE-2024-46951 (GCVE-0-2024-46951)

Vulnerability from cvelistv5

CVE-2024-46956 (GCVE-0-2024-46956)

Vulnerability from cvelistv5

CVE-2024-46955 (GCVE-0-2024-46955)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature