Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex ghostscript 9.53.3 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-36664
Artifex Ghostscript up to and including 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
Artifex Ghostscript
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5 Github repositories
9.8
CVSSv3
CVE-2023-28879
In Artifex Ghostscript up to and including 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte ...
Artifex Ghostscript
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.9
CVSSv3
CVE-2021-3781
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in...
Artifex Ghostscript 9.52
Artifex Ghostscript 9.50
Artifex Ghostscript 9.53.3
Artifex Ghostscript 9.54.0
Fedoraproject Fedora 34
1 Github repository
5.5
CVSSv3
CVE-2021-45944
Ghostscript GhostPDL 9.50 up to and including 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2021-45949
Ghostscript GhostPDL 9.50 up to and including 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started