View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-8291 severity moderate: SUSE including 60 source package names (ghostscript, ghostscript-10.05.0-160000.2.2, …), 162 product×package rows across 57 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (57 product lines)): Fixed 132, Known Not Affected 30.
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.