Um… CVE-2024-29510 (Ghostscript format string vuln that lets RCE escape the sandbox) sounds…bad? Especially since GS is in many automagic document processing pipelines in thousands of orgs (who likely don't know it’s powering their pipelines).
https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/
Yeah, CVE-2024-29510 is gonna be super bad. I'm gonna guess that in ~3-6 months I’ll be getting 5-10 more orgs giving me free credit monitoring for a while.
@hrbrmstr This was a hell of a thing to wake up to