CVEFinder.io

CVE-2024-46953

âš ī¸ high
🔍 Scan for this CVE
Summary

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

CVSS Score
7.8
High
EPSS Score
0.1
Exploit Probability
Published Date
2024-11-10
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 69.5% of all 335,456 vulnerabilities in our database.

#102,195
Above average severity
Severity Percentile
đŸŽ¯ CISA SSVC Assessment Updated: Nov 12, 2024
🔍 Exploitation Status
None
No known exploits
âš™ī¸ Automatable
NO
Requires human interaction
đŸ’Ĩ Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2025-11-03
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)

đŸ“Ļ Affected Products 5

🔗 References 5

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-14355 đŸ”ļ medium 5.6 0.3 In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algo... 2026-07-03
CVE-2026-56968 â„šī¸ low 3.7 0.2 GNU SASL before 2.2.4 lacks sanitization of a short challenge in _gsasl_ntlm_client_step in the NTLM client, which could... 2026-06-23
CVE-2026-49975 âš ī¸ high 7.5 11.5 Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service vi... 2026-06-08
CVE-2026-46333 âš ī¸ high 7.1 1.4 In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The ... 2026-05-15
CVE-2026-31431 âš ī¸ high 7.8 96.3 In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-pla... 2026-04-22
CVE-2026-41082 âš ī¸ high 7.3 0.2 In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. 2026-04-16
These CVEs affect the same products