{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19001?format=json","vulnerability_id":"VCID-erab-enwf-wkbd","summary":"","aliases":[{"alias":"CVE-2024-29510"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/231750?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231751?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231752?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231753?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231754?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231755?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231756?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231758?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/231757?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/169002?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=aarch64&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=aarch64&distroversion=v3.19&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/169003?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armhf&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armhf&distroversion=v3.19&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/169004?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armv7&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armv7&distroversion=v3.19&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/169005?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=ppc64le&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=ppc64le&distroversion=v3.19&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/169006?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=s390x&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=s390x&distroversion=v3.19&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/169008?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86_64&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86_64&distroversion=v3.19&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/169007?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86&distroversion=v3.19&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/109536?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=aarch64&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=aarch64&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142343?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=aarch64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=aarch64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109537?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armhf&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armhf&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142344?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armhf&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armhf&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109538?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armv7&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armv7&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142345?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=armv7&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=armv7&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109539?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=loongarch64&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=loongarch64&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142346?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=loongarch64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109540?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=ppc64le&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=ppc64le&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142347?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=ppc64le&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=ppc64le&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109541?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=riscv64&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=riscv64&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142348?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=riscv64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=riscv64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109542?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=s390x&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=s390x&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142349?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=s390x&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=s390x&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109544?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86_64&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86_64&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142351?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/109543?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86&distroversion=v3.21&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/142350?format=json","purl":"pkg:apk/alpine/ghostscript@10.03.1-r0?arch=x86&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ghostscript@10.03.1-r0%3Farch=x86&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/43075?format=json","purl":"pkg:deb/debian/ghostscript@9.53.3~dfsg-7%2Bdeb11u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-de8m-bsbn-zya2"},{"vulnerability":"VCID-e5q5-zjtg-43dm"},{"vulnerability":"VCID-qejy-x1nn-cubn"},{"vulnerability":"VCID-uprr-xcv4-yqet"},{"vulnerability":"VCID-va6q-cp4q-kbfp"},{"vulnerability":"VCID-wgmz-wmtr-nkf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@9.53.3~dfsg-7%252Bdeb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43128?format=json","purl":"pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43073?format=json","purl":"pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-de8m-bsbn-zya2"},{"vulnerability":"VCID-e5q5-zjtg-43dm"},{"vulnerability":"VCID-uprr-xcv4-yqet"},{"vulnerability":"VCID-va6q-cp4q-kbfp"},{"vulnerability":"VCID-wgmz-wmtr-nkf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43132?format=json","purl":"pkg:deb/debian/ghostscript@10.03.1~dfsg~git20240518-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.03.1~dfsg~git20240518-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43077?format=json","purl":"pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e5q5-zjtg-43dm"},{"vulnerability":"VCID-va6q-cp4q-kbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.05.1~dfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43076?format=json","purl":"pkg:deb/debian/ghostscript@10.07.1~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.07.1~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/8330?format=json","purl":"pkg:ebuild/app-text/ghostscript-gpl@10.03.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-text/ghostscript-gpl@10.03.1"}],"affected_packages":[],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29510","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29510"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33869","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33871"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/07/03/7","reference_id":"7","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T13:49:45Z/"}],"url":"https://www.openwall.com/lists/oss-security/2024/07/03/7"},{"reference_url":"https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/","reference_id":"cve-2024-29510-ghostscript-format-string-exploitation","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T13:49:45Z/"}],"url":"https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/"},{"reference_url":"https://security.gentoo.org/glsa/202409-03","reference_id":"GLSA-202409-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-03"},{"reference_url":"https://bugs.ghostscript.com/show_bug.cgi?id=707662","reference_id":"show_bug.cgi?id=707662","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T13:49:45Z/"}],"url":"https://bugs.ghostscript.com/show_bug.cgi?id=707662"}],"weaknesses":[],"exploits":[{"date_added":null,"description":"This module exploits a format string vulnerability in Ghostscript\n          versions before 10.03.1 to achieve a SAFER sandbox bypass and execute\n          arbitrary commands. This vulnerability is reachable via libraries such as\n          ImageMagick.\n\n          This exploit only works against Ghostscript versions 10.03.0 and\n          10.01.2. Some offsets adjustement will probably be needed to make it\n          work with other versions.","required_action":null,"due_date":null,"notes":"Stability:\n  - crash-safe\nSideEffects:\n  - artifacts-on-disk\nReliability:\n  - repeatable-session\n","known_ransomware_campaign_use":false,"source_date_published":"2024-03-14","exploit_type":null,"platform":"Linux,Unix","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/fileformat/ghostscript_format_string_cve_2024_29510.rb"}],"severity_range_score":"5.5 - 6.3","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-erab-enwf-wkbd"}