rpm package
suse/ghostscript-library&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3838 | — | < 8.62-47.16.1 | 8.62-47.16.1 | Mar 25, 2019 | It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. |
- CVE-2019-3838Mar 25, 2019affected < 8.62-47.16.1fixed 8.62-47.16.1
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.