{"id":"CVE-2024-33869","details":"An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename.","modified":"2026-03-14T12:33:29.576406Z","published":"2024-07-03T19:15:03.767Z","related":["ALSA-2024:6197","CGA-7h72-cw77-7p5v","MGASA-2024-0192","SUSE-SU-2024:2276-1","SUSE-SU-2024:2292-1","openSUSE-SU-2024:14090-1"],"references":[{"type":"REPORT","url":"https://bugs.ghostscript.com/show_bug.cgi?id=707691"},{"type":"ARTICLE","url":"https://www.openwall.com/lists/oss-security/2024/06/28/2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/artifexsoftware/ghostpdl-downloads","events":[{"introduced":"0"},{"fixed":"865d8905b3fdb3a0fabe3628a67bad634cf88ba9"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"10.03.1"}]}}],"versions":["9.21rc1","9.27","9.27rc1","9.54.0rc1","ghostpdl-9.51","ghostpdl-9.51rc2","ghostpdl-9.53.0rc1","ghostpdl-9.53.0rc2","ghostpdl-9.55","gpdf_alpha1","gpdf_alpha2","gpdf_beta1","gs10.0.0rc1","gs1000","gs1000rc2","gs1001","gs10010","gs10010rc1","gs10010rc2","gs10011","gs10012","gs10020","gs10020rc1","gs10020rc2","gs10021","gs10030","gs10030rc1","gs9.26rc1","gs9.27","gs918","gs919","gs920","gs920rc1","gs921","gs922","gs922rc1","gs922rc2","gs923","gs923rc1","gs924","gs924rc2","gs925","gs925rc1","gs926","gs927","gs928rc1","gs928rc2","gs928rc3","gs928rc4","gs950","gs951","gs951rc3","gs952","gs9530","gs9531","gs9532","gs9533","gs9540","gs9550","gs9550rc1","gs9560","gs9560rc1","gs9560rc2","gs9561"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-33869.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}]}