Redhat » 3scale Api Management : Security Vulnerabilities, CVEs, Published In 2019 CVSS score >= 5
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-27
Updated
2020-09-30
1 vulnerabilities found