Custom Query (15484 matches)
Results (16 - 18 of 15484)
New point version.
New minor version.
|#15517||fixed||New public ghostscript vulnerability.|
Today debian announced they have patched ghostscript for CVE-2021-3781. a new 0-day which has been exploited for some time, and public for a few days. In particular, it can be exploited via ImageMagick's convert program if that can be used to convert uploaded files to a different format.
Upstream bug report now public at https://bugs.ghostscript.com/show_bug.cgi?id=704342 - this applies to all versions from 9.50 onwards.