Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex ghostscript vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-9739
The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
Artifex Ghostscript Ghostxps 9.21
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-9612
The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.
Artifex Ghostscript Ghostxps 9.21
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2021-45949
Ghostscript GhostPDL 9.50 up to and including 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2021-45944
Ghostscript GhostPDL 9.50 up to and including 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2023-36664
Artifex Ghostscript up to and including 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
Artifex Ghostscript
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5 Github repositories
8.8
CVSSv3
CVE-2019-14869
A flaw was found in all versions of ghostscript 9.x prior to 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScri...
Artifex Ghostscript
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
5.5
CVSSv3
CVE-2023-38559
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local malicious user to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
Artifex Ghostscript
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2020-16293
A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote malicious user to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2020-16296
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote malicious user to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2020-16298
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote malicious user to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »