Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
https://medium.com/@musorblyat/-9d52aee36d7a?source=rss------hacking-5
https://medium.com/@seangreptzy/htb-hospital-fdb324b2c363?source=rss------hacking-5
https://medium.com/@pk2212/htb-hospital-walkthrough-57fb9ace96db?source=rss------cve-5
https://medium.com/@humairadamu/hospital-a-htb-write-up-31870430139d?source=rss------cybersecurity-5
https://medium.com/@pwnstar/hospital-htb-write-up-084725546c15?source=rss------hacking-5
https://www.debian.org/security/2023/dsa-5446
https://security.gentoo.org/glsa/202309-03
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=505eab7782b429017eb434b2b95120855f2b0e3c
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0974e4f2ac0005d3731e0b5c13ebc7e965540f4d