What is the severity of CVE-2024-29508?

CVE-2024-29508 is classified as a high severity vulnerability due to the potential for sensitive data disclosure.

How do I fix CVE-2024-29508?

To fix CVE-2024-29508, update Ghostscript to version 10.03.1 or later.

What is the affected software for CVE-2024-29508?

CVE-2024-29508 affects versions of Artifex Ghostscript prior to 10.03.0.

What are the implications of CVE-2024-29508?

The implications of CVE-2024-29508 include the potential for unauthorized access to sensitive data through pointer disclosure.

Is there a known exploit for CVE-2024-29508?

As of now, there are no publicly known exploits for CVE-2024-29508.

Vulnerability/
CVE-2024-29508

low

3.3

3/7/2024

22/10/2024

CVE-2024-29508

First published: Wed Jul 03 2024(Updated: )

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
debian/ghostscript	<=9.53.3~dfsg-7+deb11u7<=10.0.0~dfsg-11+deb12u4	10.0.0~dfsg-11+deb12u5 10.03.1~dfsg-2
Artifex Software Ghostscript	<10.03.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-29508?
CVE-2024-29508 is classified as a high severity vulnerability due to the potential for sensitive data disclosure.
How do I fix CVE-2024-29508?
To fix CVE-2024-29508, update Ghostscript to version 10.03.1 or later.
What is the affected software for CVE-2024-29508?
CVE-2024-29508 affects versions of Artifex Ghostscript prior to 10.03.0.
What are the implications of CVE-2024-29508?
The implications of CVE-2024-29508 include the potential for unauthorized access to sensitive data through pointer disclosure.
Is there a known exploit for CVE-2024-29508?
As of now, there are no publicly known exploits for CVE-2024-29508.

agent/first-publish-date
agent/type
agent/remedy
agent/author
agent/severity
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
collector/usn-cve
source/Ubuntu
agent/references
agent/softwarecombine
agent/description
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/source
agent/tags
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-api
package-manager/debian
vendor/artifex
canonical/artifex software ghostscript

Frequently Asked Questions

What is the severity of CVE-2024-29508?
CVE-2024-29508 is classified as a high severity vulnerability due to the potential for sensitive data disclosure.
How do I fix CVE-2024-29508?
To fix CVE-2024-29508, update Ghostscript to version 10.03.1 or later.
What is the affected software for CVE-2024-29508?
CVE-2024-29508 affects versions of Artifex Ghostscript prior to 10.03.0.
What are the implications of CVE-2024-29508?
The implications of CVE-2024-29508 include the potential for unauthorized access to sensitive data through pointer disclosure.
Is there a known exploit for CVE-2024-29508?
As of now, there are no publicly known exploits for CVE-2024-29508.

CVE-2024-29508

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-29508?

How do I fix CVE-2024-29508?

What is the affected software for CVE-2024-29508?

What are the implications of CVE-2024-29508?

Is there a known exploit for CVE-2024-29508?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-29508?

How do I fix CVE-2024-29508?

What is the affected software for CVE-2024-29508?

What are the implications of CVE-2024-29508?

Is there a known exploit for CVE-2024-29508?