CVE-2024-29511 is a high-severity directory traversal vulnerability affecting Artifex Ghostscript versions prior to 10.03.1 when integrated with Tesseract OCR for optical character recognition. The vulnerability arises from improper sanitization of the OCRLanguage parameter, which can be manipulated to traverse directories and access arbitrary files on the host system. This allows an attacker to read sensitive files such as /etc/passwd by specifying paths in parameters like user_patterns_file. Furthermore, the vulnerability permits writing error messages to arbitrary files, for example, by setting debug_file to a target path, potentially enabling limited file modification. The flaw requires no authentication or user interaction and can be exploited remotely, increasing its risk profile. The CVSS v3.1 base score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting high confidentiality impact with no integrity or availability impact. Although no public exploits have been reported yet, the vulnerability is significant given Ghostscript's widespread use in document processing and OCR workflows. The underlying weakness corresponds to CWE-489 (Directory Traversal). No official patches were linked at the time of publication, so mitigation may require configuration changes or temporary workarounds until updates are available.

The primary impact of CVE-2024-29511 is unauthorized disclosure of sensitive information due to arbitrary file read capabilities. Attackers can access critical system files, configuration data, or application secrets, potentially leading to further compromise or data leakage. The ability to write error messages to arbitrary files, while limited, could be leveraged for partial file manipulation or to disrupt system operations. Since exploitation requires no authentication or user interaction and can be performed remotely, the vulnerability poses a significant risk to organizations running vulnerable Ghostscript versions with Tesseract OCR enabled. This risk is amplified in environments processing untrusted documents or exposed to external networks. Confidentiality breaches could affect compliance with data protection regulations and damage organizational reputation. However, the vulnerability does not directly impact system integrity or availability, limiting its scope to information disclosure.

1. Upgrade Ghostscript to version 10.03.1 or later as soon as a patch becomes available to fully remediate the vulnerability. 2. Until patches are released, disable or restrict the use of Tesseract OCR integration within Ghostscript if feasible, especially in environments processing untrusted inputs. 3. Implement strict input validation and sanitization on parameters related to OCRLanguage, debug_file, and user_patterns_file to prevent directory traversal attempts. 4. Employ application-layer firewalls or intrusion detection systems to monitor and block suspicious requests targeting OCR parameters. 5. Restrict file system permissions for the Ghostscript process to limit access to sensitive files and directories, minimizing the impact of potential exploitation. 6. Conduct regular security audits and scanning to detect vulnerable Ghostscript versions and anomalous file access patterns. 7. Educate developers and system administrators about the risks of directory traversal in OCR workflows and encourage secure coding practices.