An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
This Cyber News was published on www.tenable.com. Publication date: Mon, 11 Nov 2024 06:56:03 +0000