VDB

GCVE-110-MAGEIA-2023-260

GCVE-110-MAGEIA-2023-260
Advisory Published
Vulnetix · Advisory published September 11, 2023
Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). (CVE-2023-36664) A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. (CVE-2023-38559)

Affected Products

VendorProductVersionsPlatforms
Mageiaghostscript0 (affected), 9.53.3-2.6.mga8 (unaffected)
Mageiaghostscript10.00.0-6.2.mga9 (unaffected), 0 (affected)

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›