CVE-2020-36773
- EPSS 0.88%
- Veröffentlicht 04.02.2024 18:16:00
- Zuletzt bearbeitet 22.05.2025 18:15:23
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
CVE-2023-46751
- EPSS 1.53%
- Veröffentlicht 06.12.2023 20:15:07
- Zuletzt bearbeitet 21.11.2024 08:29:13
An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.
CVE-2023-43115
- EPSS 4.68%
- Veröffentlicht 18.09.2023 08:15:07
- Zuletzt bearbeitet 21.11.2024 08:23:43
In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is...
CVE-2023-4042
- EPSS 0.33%
- Veröffentlicht 23.08.2023 13:15:07
- Zuletzt bearbeitet 21.11.2024 08:34:17
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.
CVE-2020-21890
- EPSS 0.71%
- Veröffentlicht 22.08.2023 19:16:18
- Zuletzt bearbeitet 21.11.2024 05:12:56
Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document.
CVE-2020-21710
- EPSS 0.62%
- Veröffentlicht 22.08.2023 19:16:16
- Zuletzt bearbeitet 21.11.2024 05:12:49
A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file.
CVE-2023-38559
- EPSS 0.45%
- Veröffentlicht 01.08.2023 17:15:09
- Zuletzt bearbeitet 23.06.2026 18:17:32
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
CVE-2023-38560
- EPSS 0.34%
- Veröffentlicht 01.08.2023 17:15:09
- Zuletzt bearbeitet 21.11.2024 08:13:49
An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.
CVE-2023-36664
- EPSS 3.24%
- Veröffentlicht 25.06.2023 22:15:21
- Zuletzt bearbeitet 05.12.2024 15:15:07
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
CVE-2023-28879
- EPSS 6.34%
- Veröffentlicht 31.03.2023 17:15:06
- Zuletzt bearbeitet 14.02.2025 20:15:33
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is f...