How severe is CVE-2024-46951?

CVE-2024-46951 has a CVSS v3 score of 7.8 (HIGH).

CVE-2024-46951

7.8HIGH

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

Published: 11/10/2024Updated: 11/3/2025

Description

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

AI AnalysisPowered by AI

Affected Products

artifexghostscript

debiandebian_linux

12.0

suselinux_enterprise_high_performance_computing

12.0

suselinux_enterprise_server

suselinux_enterprise_server_for_sap

References

https://bugs.ghostscript.com/show_bug.cgi?id=707991
Permissions Required
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8
Patch
https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html
Product
https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/11/msg00023.html