CVE-2024-29507
- EPSS 0.72%
- Veröffentlicht 03.07.2024 19:15:03
- Zuletzt bearbeitet 28.04.2025 17:12:33
Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters.
CVE-2024-29510
- EPSS 27.97%
- Veröffentlicht 03.07.2024 19:15:03
- Zuletzt bearbeitet 28.04.2025 17:12:24
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.
CVE-2024-29511
- EPSS 1.14%
- Veröffentlicht 03.07.2024 19:15:03
- Zuletzt bearbeitet 28.04.2025 17:12:15
Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading (and writing of error messages to arbitrary files) via OCRLanguage. For example, exploitation can use debug_file /t...
CVE-2024-33869
- EPSS 0.45%
- Veröffentlicht 03.07.2024 19:15:03
- Zuletzt bearbeitet 16.04.2025 19:14:53
An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed v...
CVE-2024-33870
- EPSS 0.52%
- Veröffentlicht 03.07.2024 19:15:03
- Zuletzt bearbeitet 16.04.2025 19:14:47
An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo ...
CVE-2024-33871
- EPSS 1.43%
- Veröffentlicht 03.07.2024 19:15:03
- Zuletzt bearbeitet 16.04.2025 19:14:28
An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and ...
CVE-2024-29506
- EPSS 0.91%
- Veröffentlicht 03.07.2024 18:15:04
- Zuletzt bearbeitet 21.11.2024 09:08:05
Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.
CVE-2024-29508
- EPSS 0.38%
- Veröffentlicht 03.07.2024 18:15:04
- Zuletzt bearbeitet 17.03.2025 14:15:17
Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.
CVE-2024-29509
- EPSS 1.45%
- Veröffentlicht 03.07.2024 18:15:04
- Zuletzt bearbeitet 20.03.2025 19:15:28
Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle.
CVE-2023-52722
- EPSS 0.33%
- Veröffentlicht 28.04.2024 00:15:07
- Zuletzt bearbeitet 23.06.2025 18:35:47
An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard.