CVE-2023-4042

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*

History

27 Dec 2023, 22:04

Type Values Removed Values Added
CPE cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
References () https://access.redhat.com/errata/RHSA-2023:7053 - () https://access.redhat.com/errata/RHSA-2023:7053 - Third Party Advisory
First Time Redhat codeready Linux Builder For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Arm 64
Redhat enterprise Linux For Power Little Endian
Redhat codeready Linux Builder
Redhat codeready Linux Builder For Power Little Endian
Redhat codeready Linux Builder For Arm64

14 Nov 2023, 21:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2023:7053 -

29 Aug 2023, 15:40

Type Values Removed Values Added
CPE cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*
CWE CWE-787
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2228151 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2228151 - Issue Tracking, Third Party Advisory
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1870257 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1870257 - Issue Tracking, Third Party Advisory
References (MISC) https://access.redhat.com/security/cve/CVE-2023-4042 - (MISC) https://access.redhat.com/security/cve/CVE-2023-4042 - Third Party Advisory
First Time Artifex ghostscript
Redhat enterprise Linux
Artifex
Redhat
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5

23 Aug 2023, 13:17

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-23 13:15

Updated : 2023-12-27 22:04


NVD link : CVE-2023-4042

Mitre link : CVE-2023-4042

CVE.ORG link : CVE-2023-4042


JSON object : View

Products Affected

redhat

  • codeready_linux_builder_for_ibm_z_systems
  • codeready_linux_builder_for_power_little_endian
  • enterprise_linux_for_arm_64
  • codeready_linux_builder
  • enterprise_linux_for_power_little_endian
  • enterprise_linux
  • enterprise_linux_for_ibm_z_systems
  • codeready_linux_builder_for_arm64

artifex

  • ghostscript
CWE
CWE-787

Out-of-bounds Write

CWE-125

Out-of-bounds Read