Artifex

Ghostscript

129 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-46751

  • EPSS 0.11%
  • Published 06.12.2023 20:15:07
  • Last modified 21.11.2024 08:29:13

An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.

8.8

CVE-2023-43115

  • EPSS 20.06%
  • Published 18.09.2023 08:15:07
  • Last modified 21.11.2024 08:23:43

In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is...

5.5

CVE-2023-4042

  • EPSS 0.03%
  • Published 23.08.2023 13:15:07
  • Last modified 21.11.2024 08:34:17

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

7.8

CVE-2020-21890

Exploit
  • EPSS 1.23%
  • Published 22.08.2023 19:16:18
  • Last modified 21.11.2024 05:12:56

Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document.

5.5

CVE-2020-21710

Exploit
  • EPSS 0.29%
  • Published 22.08.2023 19:16:16
  • Last modified 21.11.2024 05:12:49

A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file.

5.5

CVE-2023-38559

  • EPSS 0.02%
  • Published 01.08.2023 17:15:09
  • Last modified 21.11.2024 08:13:49

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

5.5

CVE-2023-38560

  • EPSS 0.02%
  • Published 01.08.2023 17:15:09
  • Last modified 21.11.2024 08:13:49

An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.

7.8

CVE-2023-36664

  • EPSS 4.52%
  • Published 25.06.2023 22:15:21
  • Last modified 05.12.2024 15:15:07

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

9.8

CVE-2023-28879

Exploit
  • EPSS 31.98%
  • Published 31.03.2023 17:15:06
  • Last modified 14.02.2025 20:15:33

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is f...

7.1

CVE-2020-27792

  • EPSS 0.05%
  • Published 19.08.2022 23:15:08
  • Last modified 30.04.2025 10:15:15

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could l...