SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2023:1799-1)

critical Nessus Plugin ID 174025

Language:

Version 1.8 Sep 27, 2023, 2:15 PM CVSS metrics ("CVSSv2 score" changed from 7.5 to 10.0. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 vector" changed from "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv3 score" changed from 8.4 to 9.8) CVSSv3 score source (set to "CVE-2023-28879") Plugin Feed: 202309271415
Version 1.7 Sep 19, 2023, 5:19 PM CVSS metrics ("CVSSv2 score" changed from 10.0 to 7.5. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P". "CVSSv3 score" changed from 9.8 to 8.4. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H") CVSSv3 score source (set to "CVE-2023-28879") Plugin Feed: 202309191719
Version 1.6 Jul 14, 2023, 10:50 AM Detection Plugin metadata Plugin Feed: 202307141050
Version 1.4 Jun 30, 2023, 8:10 AM IAVM reference Plugin Feed: 202306300810
Version 1.3 Apr 19, 2023, 2:07 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202304191407
Version 1.2 Apr 14, 2023, 10:10 AM IAVM reference STIG Severity (set to "I") Plugin Feed: 202304141010
Version 1.1 Apr 10, 2023, 2:11 PM CVSSv3 score source (set to "CVE-2023-28879") CVSSv2 severity (based on CVE-2023-28879, severity increased from "Medium" to "High") CVSS metrics ("CVSSv2 score" changed from 6.8 to 10.0. "CVSSv2 score" changed from 6.8 to 10.0. "CVSSv2 score" changed from 6.8 to 10.0. "CVSSv3 score" changed from 7.8 to 9.8. "CVSSv3 vector" changed from "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from 7.8 to 9.8. "CVSSv3 vector" changed from "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from 7.8 to 9.8. "CVSSv3 vector" changed from "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from 7.8 to 9.8) Plugin Feed: 202304101411
Version 1.0 Apr 8, 2023, 4:08 PM New Plugin Feed: 202304081608

* Changelogs are generally available for changes made after Nov 1, 2022