July 8, 2024 at 12:28PM A critical remote code execution vulnerability (CVE-2024-29510) in Ghostscript, affecting versions 10.03.0 and earlier, is being actively exploited. This flaw enables attackers to bypass the default sandbox and execute high-risk operations. The security researchers at Codean Labs have advised updating or removing Ghostscript to mitigate the risk. Additionally, a Postscript … Read more
July 8, 2024 at 08:01AM Security researchers have identified a critical Ghostscript vulnerability (CVE-2024-29510), allowing remote code execution through a format string injection in the uniprint device. Exploited in the wild, this flaw impacts web applications and document conversion services. The issue was addressed in Ghostscript version 10.03.1, but immediate updating is strongly recommended to … Read more
July 5, 2024 at 08:41AM Infosec experts are discussing a vulnerability in Ghostscript, which may lead to significant breaches. The format string bug, designated as CVE-2024-29510, allows remote code execution (RCE) on systems running Ghostscript. It poses a serious threat to web applications and services utilizing Ghostscript for document conversion and preview functionality. The severity … Read more