Vulnerability Details CVE-2023-38560
An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.7%
CVSS Severity
CVSS v3 Score 5.5
References
- https://access.redhat.com/security/cve/CVE-2023-38560
- https://bugs.ghostscript.com/show_bug.cgi?id=706898
- https://bugzilla.redhat.com/show_bug.cgi?id=2224368
- https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c
- https://access.redhat.com/security/cve/CVE-2023-38560
- https://bugs.ghostscript.com/show_bug.cgi?id=706898
- https://bugzilla.redhat.com/show_bug.cgi?id=2224368
- https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c
Products affected by CVE-2023-38560
-
cpe:2.3:a:artifex:ghostscript:-