Vulnetix
Try Vulnetix Request Demo
ALPINE-CVE-2018-15908 PUBLISHED CVSS 7.800000190734863 HIGH

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.

Risk Scores

CVSS v3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.5ghostscript9.18-r0, 9.19-r0, 9.19-r1
Alpine:v3.22ghostscript9.22-r0, 9.15-r1, 9.15-r0
Alpine:v3.14ghostscript9.05-r0, 9.05-r1, 9.06-r0
Alpine:v3.16ghostscript9.05-r1, 9.20-r1, 9.21-r0
Alpine:v3.13ghostscript9.05-r0, 0, 8.64-r0
Alpine:v3.23ghostscript9.05-r0, 9.22-r0, 9.21-r3
Alpine:v3.21ghostscript9.21-r1, 0, 8.64-r0
Alpine:v3.19ghostscript9.15-r1, 9.16-r0, 9.16-r1
Alpine:v3.15ghostscript9.04-r0, 9.05-r1, 9.06-r0
Alpine:v3.11ghostscript9.04-r0, 9.05-r0, 9.05-r1
Alpine:v3.10ghostscript0, 8.64-r0, 8.70-r0
Alpine:v3.7ghostscript8.64-r0, 8.70-r0, 8.71-r0
Alpine:v3.18ghostscript9.15-r0, 9.22-r0, 9.21-r3
Alpine:v3.20ghostscript9.05-r0, 0, 8.64-r0
Alpine:v3.9ghostscript9.22-r0, 0, 8.64-r0
Alpine:v3.17ghostscript9.21-r3, 9.04-r0, 9.05-r0
Alpine:v3.6ghostscript8.70-r0, 8.71-r0, 8.71-r1
Alpine:v3.8ghostscript9.15-r0, 0, 8.64-r0
Alpine:v3.12ghostscript9.22-r0, 9.21-r3, 9.21-r2

Timeline

References

Open in Interactive Console →