MGASA-2018-0408
Advisory lineage Upstream: 3 Downstream: 0
Published: 19 Oct 2018, 18:36
Last modified:16 Apr 2026, 06:25
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
19 Oct 2018, 18:36
Published
Vulnerability first disclosed
16 Apr 2026, 06:25
Last Modified
Vulnerability information updated
Description
Updated ghostscript packages fix security vulnerabilities Updated ghostscript packages fix many bugs and security vulnerabilities: Bypassing executeonly to escape -dSAFER sandbox. (CVE-2018-17961) Saved execution stacks can leak operator arrays. (CVE-2018-18073) 1Policy operator gives access to .forceput. (CVE-2018-18284)
Affected Systems
- mageia•ghostscript
< 9.25-1.2.mga6
References (6)
- https://advisories.mageia.org/MGASA-2018-0408.html
- https://bugs.mageia.org/show_bug.cgi?id=23659
- https://www.openwall.com/lists/oss-security/2018/10/09/4
- https://www.openwall.com/lists/oss-security/2018/10/11/3
- https://www.openwall.com/lists/oss-security/2018/10/10/12
- https://www.openwall.com/lists/oss-security/2018/10/16/2