5.5
CVE-2023-4042
- EPSS 0.03%
- Published 23.08.2023 13:15:07
- Last modified 21.11.2024 08:34:17
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.
Data is provided by the National Vulnerability Database (NVD)
Artifex ≫ Ghostscript Version < 9.51
Redhat ≫ Codeready Linux Builder Version8.0
Redhat ≫ Codeready Linux Builder For Arm64 Version8.0_aarch64
Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version8.0_s390x
Redhat ≫ Codeready Linux Builder For Power Little Endian Version8.0_ppc64le
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux For Arm 64 Version8.0_aarch64
Redhat ≫ Enterprise Linux For Ibm Z Systems Version8.0_s390x
Redhat ≫ Enterprise Linux For Power Little Endian Version8.0_ppc64le
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.058 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
| secalert@redhat.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.