#CodeanLabs

RCE bug in widely used Ghostscript library now exploited in attacks

by

July 8, 2024 at 12:28PM A critical remote code execution vulnerability (CVE-2024-29510) in Ghostscript, affecting versions 10.03.0 and earlier, is being actively exploited. This flaw enables attackers to bypass the default sandbox and execute high-risk operations. The security researchers at Codean Labs have advised updating or removing Ghostscript to mitigate the risk. Additionally, a Postscript … Read more

Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript

by

July 8, 2024 at 08:01AM Security researchers have identified a critical Ghostscript vulnerability (CVE-2024-29510), allowing remote code execution through a format string injection in the uniprint device. Exploited in the wild, this flaw impacts web applications and document conversion services. The issue was addressed in Ghostscript version 10.03.1, but immediate updating is strongly recommended to … Read more