PaperCutSoftware / GhostTrap

Ghost Trap is a hardened distribution of the GPL Ghostscript PDL interpreter, secured and sandboxed using Google Chrome sandbox technology. It's used to securely convert PostScript and PDF files from untrusted sources into images.

Ghostscript Code Execution Vulnerability #14

Open tenajsystems opened 10 months ago

tenajsystems commented 10 months ago

Our Qualys vulnerability scanner is detecting a vulnerability with Ghost Trap per C:\Program Files\GhostTrap\bin\gsdll64.dll (version is 0.0.9.27) after we set up Print Deploy Mobility Print. It doesn't appear that this has been updated since 2019 (as shown here: https://www.papercut.com/help/manuals/mobility-print/how-it-works/ghost-trap-script/ and here: https://github.com/PaperCutSoftware/GhostTrap). Any thoughts on when it will be updated and how we can remediate the vulnerability, which is at level 4 out of level 5? Thank you!

Joffcom commented 10 months ago

I would email PaperCut support with the details. While the DLL itself is vulnerable, there is a chance that Ghosttrap itself isn’t, as it is designed to be a secure sandbox.

There is a KB page listing the CVEs that don't apply here: https://www.papercut.com/kb/Main/GhostScriptVulnerabilities