Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u2?distro=trixie

Type deb

Namespace debian

Name ghostscript

Version 10.0.0~dfsg-11+deb12u2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 10.0.0~dfsg-11+deb12u3

Latest_non_vulnerable_version 10.07.1~dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-12cv-9xgd-jbgu

vulnerability_id VCID-12cv-9xgd-jbgu

summary A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38559.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38559.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-38559

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.03649
published_at	2026-06-05T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03652
published_at	2026-06-06T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.0363
published_at	2026-06-09T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03644
published_at	2026-06-07T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03621
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-38559

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38559
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38559

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043033
reference_id	1043033
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043033

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2224367
reference_id	2224367
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2224367

reference_url	https://access.redhat.com/errata/RHSA-2023:6544
reference_id	RHSA-2023:6544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6544

reference_url	https://access.redhat.com/errata/RHSA-2023:7053
reference_id	RHSA-2023:7053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7053

reference_url	https://usn.ubuntu.com/6297-1/
reference_id	USN-6297-1
reference_type
scores
url	https://usn.ubuntu.com/6297-1/

fixed_packages

url	pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@9.53.3~dfsg-7%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u7?distro=trixie

purl pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gnq-h48d-kkb7

vulnerability	VCID-3bxh-1wn9-9baa

vulnerability	VCID-79h4-1vr5-7fbz

vulnerability	VCID-fm18-2c57-yyav

vulnerability	VCID-ph56-3bx6-u7bj

vulnerability	VCID-s49w-4m43-1fcb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@9.53.3~dfsg-7%252Bdeb11u7%3Fdistro=trixie

url	pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8?distro=trixie

purl pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gnq-h48d-kkb7

vulnerability	VCID-3bxh-1wn9-9baa

vulnerability	VCID-79h4-1vr5-7fbz

vulnerability	VCID-fm18-2c57-yyav

vulnerability	VCID-ph56-3bx6-u7bj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8%3Fdistro=trixie

url	pkg:deb/debian/ghostscript@10.02.0~dfsg-1?distro=trixie
purl	pkg:deb/debian/ghostscript@10.02.0~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.02.0~dfsg-1%3Fdistro=trixie

url pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gnq-h48d-kkb7

vulnerability	VCID-ph56-3bx6-u7bj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.05.1~dfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ghostscript@10.07.1~dfsg-1?distro=trixie
purl	pkg:deb/debian/ghostscript@10.07.1~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.07.1~dfsg-1%3Fdistro=trixie

aliases CVE-2023-38559

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-12cv-9xgd-jbgu

url VCID-81cb-24sy-xuek

vulnerability_id VCID-81cb-24sy-xuek

summary In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43115.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43115.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-43115

reference_id

reference_type

scores

value	0.21677
scoring_system	epss
scoring_elements	0.95845
published_at	2026-06-05T12:55:00Z

value	0.21677
scoring_system	epss
scoring_elements	0.95848
published_at	2026-06-08T12:55:00Z

value	0.21677
scoring_system	epss
scoring_elements	0.95852
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-43115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43115

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2241108
reference_id	2241108
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2241108

reference_url	https://access.redhat.com/errata/RHSA-2023:5868
reference_id	RHSA-2023:5868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5868

reference_url	https://access.redhat.com/errata/RHSA-2023:6265
reference_id	RHSA-2023:6265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6265

reference_url	https://access.redhat.com/errata/RHSA-2023:6732
reference_id	RHSA-2023:6732
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6732

reference_url	https://usn.ubuntu.com/6433-1/
reference_id	USN-6433-1
reference_type
scores
url	https://usn.ubuntu.com/6433-1/

fixed_packages

url	pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@9.53.3~dfsg-7%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u7?distro=trixie

purl pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gnq-h48d-kkb7

vulnerability	VCID-3bxh-1wn9-9baa

vulnerability	VCID-79h4-1vr5-7fbz

vulnerability	VCID-fm18-2c57-yyav

vulnerability	VCID-ph56-3bx6-u7bj

vulnerability	VCID-s49w-4m43-1fcb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@9.53.3~dfsg-7%252Bdeb11u7%3Fdistro=trixie

url	pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8?distro=trixie

purl pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gnq-h48d-kkb7

vulnerability	VCID-3bxh-1wn9-9baa

vulnerability	VCID-79h4-1vr5-7fbz

vulnerability	VCID-fm18-2c57-yyav

vulnerability	VCID-ph56-3bx6-u7bj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8%3Fdistro=trixie

url	pkg:deb/debian/ghostscript@10.02.0~dfsg-1?distro=trixie
purl	pkg:deb/debian/ghostscript@10.02.0~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.02.0~dfsg-1%3Fdistro=trixie

url pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gnq-h48d-kkb7

vulnerability	VCID-ph56-3bx6-u7bj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.05.1~dfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ghostscript@10.07.1~dfsg-1?distro=trixie
purl	pkg:deb/debian/ghostscript@10.07.1~dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.07.1~dfsg-1%3Fdistro=trixie

aliases CVE-2023-43115

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81cb-24sy-xuek

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u2%3Fdistro=trixie

Package Instance