CVE-2023-36664
Description
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
NVD
Severity: HIGH
CVE ID: CVE-2023-36664
CVSS Score: 7.8
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Proof Of Concept
jakabakos
Ghostscript command injection vulnerability PoC (CVE-2023-36664)
Refrence: GitHub
winkler-winsen
Scan for GhostScript files affected to CVE-2023-36664
Refrence: GitHub
jeanchpt
Proof of concept developed for the CVE-2023-36664
Refrence: GitHub
churamanib
Refrence: GitHub