CVE-2024-46955

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 10, 2024

Updated: Nov 14, 2024

CWE ID 125

Summary

CVE-2024-46955 is a newly disclosed vulnerability affecting Artifex Ghostscript before version 10.04.0. This issue involves an out-of-bounds read in the psi/zcolor.c file, specifically when handling color in the Indexed color space. Exploitation of this vulnerability could potentially lead to data leakage or system instability. Users are strongly advised to upgrade to the latest version of Ghostscript to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SUSE Linux Enterprise Server
GhostScript
Debian

Affected Vendors

Debian
SUSE Linux GmbH
Artifex

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/yqjZpT
https://www.cve.org/CVERecord?id=CVE-2024-46955
https://nvd.nist.gov/vuln/detail/CVE-2024-46955

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners