Unrated severityNVD Advisory· Published Nov 10, 2024· Updated Nov 3, 2025
CVE-2024-46953
CVE-2024-46953
Description
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
30(expand)+ 1 more
- (no CPE)
- (no CPE)range: <10.04.0
- osv-coords28 versionspkg:rpm/almalinux/ghostscriptpkg:rpm/almalinux/ghostscript-docpkg:rpm/almalinux/ghostscript-tools-dvipdfpkg:rpm/almalinux/ghostscript-tools-fontspkg:rpm/almalinux/ghostscript-tools-printingpkg:rpm/almalinux/ghostscript-x11pkg:rpm/almalinux/libgspkg:rpm/almalinux/libgs-develpkg:rpm/opensuse/ghostscript&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/ghostscript&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/ghostscript&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ghostscript&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/ghostscript&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/ghostscript&distro=SUSE%20Manager%20Server%204.3
< 9.27-16.el8_10+ 27 more
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 10.04.0-1.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-23.86.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-23.86.1
- (no CPE)range: < 9.52-150000.200.1
- (no CPE)range: < 9.52-150000.200.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.