Revision as of 16:31, 28 July 2023 by Monique Gähl (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Date 2023-07-25
Severity Medium
  • BlueSpice Infrastructure: Ghostscript
Fixed in
  • Ghostscript 9.53.3 and 10.01.2
CVE CVE-2023-36664


A bug in ghostscript can be exploited to run arbitrary code on the host machine using prepared PDF document. In BlueSpice, when a) PDFHandler is enabled and b) a PDF document is uploaded, a preview image is being generated using ghostscript. If an attacker uploads a prepared PDF, they can execute code on the server.

PDFHandler is not enabled by default, but many installations have set it active.


Upgrade Ghostscript to a fixed version and ensure the updated version is used by adding $wgPdfProcessor = '/usr/bin/gs'; to LocalSettings.php.

If upgrade of Ghostscript is not possible, disable the extension PDFHandler. This, however, removes the ability for BlueSpice to render PDF preview images.



Found during an internal security audit.

No categories assignedEdit