Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex ghostscript - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-36664
Artifex Ghostscript up to and including 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
Artifex Ghostscript
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5 Github repositories
9.8
CVSSv3
CVE-2023-28879
In Artifex Ghostscript up to and including 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte ...
Artifex Ghostscript
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.1
CVSSv3
CVE-2020-27792
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an malicious user to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corru...
Artifex Ghostscript
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2022-2085
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the nu...
Artifex Ghostscript 9.55.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.8
CVSSv3
CVE-2019-25059
Artifex Ghostscript up to and including 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.
Artifex Ghostscript
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2022-1350
A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user in...
Artifex Ghostpcl 9.55.0
9.9
CVSSv3
CVE-2021-3781
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in...
Artifex Ghostscript 9.52
Artifex Ghostscript 9.50
Artifex Ghostscript 9.53.3
Artifex Ghostscript 9.54.0
Fedoraproject Fedora 34
1 Github repository
5.5
CVSSv3
CVE-2021-45944
Ghostscript GhostPDL 9.50 up to and including 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2021-45949
Ghostscript GhostPDL 9.50 up to and including 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2020-14373
A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.
Artifex Ghostscript 9.25
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »