CVE & CISA-KEV Catalog

CVE-2023-36664

Severity: HIGH (CVSS v3 base score 7.8, source: NVD)
EPSS: 87th percentile

Description

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

How to fix

Remediation Available
ghostscript (Debian)
Fixed in: 9.53.3~dfsg-7+deb11u5 (CVE-2023-36664)
Fixed in: 10.0.0~dfsg-11+deb12u1 (CVE-2023-36664)
Fixed in: 10.01.2~dfsg-1 (CVE-2023-36664)

ghostscript (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-debuginfo (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-debuginfo (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-debugsource (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-debugsource (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-doc (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-doc (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-gtk-debuginfo (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-gtk-debuginfo (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-tools-dvipdf (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-tools-dvipdf (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-tools-fonts (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-tools-fonts (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-tools-printing (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-tools-printing (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-x11 (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-x11 (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-x11-debuginfo (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript-x11-debuginfo (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

libgs (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

libgs (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

libgs-debuginfo (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

libgs-debuginfo (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

libgs-devel (Red Hat / RHEL)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

libgs-devel (Rocky)
Fixed in: 0:9.54.0-7.el9_0.1 (RHSA-2023:4324)
Fixed in: 0:9.54.0-10.el9_2 (RHSA-2023:5459)

ghostscript (Ubuntu)
Fixed in: 9.50~dfsg-5ubuntu4.8 (USN-6213-1)
Fixed in: 9.55.0~dfsg1-0ubuntu5.3 (USN-6213-1)
Fixed in: 9.56.1~dfsg1-0ubuntu3.2 (USN-6213-1)
Fixed in: 10.0.0~dfsg1-0ubuntu1.2 (USN-6213-1)

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Impact

Confidentiality: High
Integrity: High
Availability: High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploit Intelligence

3.24% probability of exploitation in 30 days
87th percentile

Elevated risk: more likely to be exploited than 87% of all known CVEs.

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-12-05.