Kevin Beaumont on Nostr: I think CVE-2024-29510 (Ghostscript vuln) may apply to Mastodon, as Mastodon sends ...
I think CVE-2024-29510 (Ghostscript vuln) may apply to Mastodon, as Mastodon sends images to ImageMagick, which can call Ghostscript. But I might be wrong.
Published at
2024-07-03 16:29:13Event JSON
{
"id": "43206c89516543125e262fe47a847ce936028523331ae9601c8ecea458d9c788",
"pubkey": "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd",
"created_at": 1720024153,
"kind": 1,
"tags": [
[
"proxy",
"https://cyberplace.social/@GossiTheDog/112723502940530795",
"web"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/112723502940530795",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://cyberplace.social/users/GossiTheDog/statuses/112723502940530795",
"pink.momostr"
],
[
"expiration",
"1722616369"
]
],
"content": "I think CVE-2024-29510 (Ghostscript vuln) may apply to Mastodon, as Mastodon sends images to ImageMagick, which can call Ghostscript. But I might be wrong.",
"sig": "a4bc360f9e5ce944c876ffef7b2b2621ea1ce2116f523241eb16132482c60dc2375279bb8e953bd97e3cc46b421d46002db8f9b86e994cd7dfe74f5311419976"
}