102 matches found
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-927)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-927 advisory. PDF interpreter - Guard against unsigned int overflow. A large Type 4 function definition can overflow the uint counter, causing the allocated buffer to be smaller than required. Info:...
Fedora 40 : ghostscript (2025-3a7a29de24)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-3a7a29de24 advisory. CVE-2025-27835 ghostscript: Buffer overflow when converting glyphs to unicode fedora2355025 CVE-2025-27834 ghostscript: Buffer overflow caused by an...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2025:1127-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1127-1 advisory. - CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to...
SUSE SLES12 Security Update : ghostscript (SUSE-SU-2025:1118-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1118-1 advisory. - CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 -...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-908)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-908 advisory. Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and...
Amazon Linux 2 : ghostscript (ALAS-2025-2805)
The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2805 advisory. Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ghostscript vulnerabilities (USN-7378-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7378-1 advisory. It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue ...
USN-7378-1: Ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-27830 It was discovered that Ghostscript incorrectly handled the...
Advisory ROSA-SA-2025-2723
Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 packageevrstring: ghostscript-9.27-15.0.2.rv30 CVE-ID: CVE-2024-46951 BDU-ID: 2024-09419 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the psi/zcolor.c component of the Ghostscript document processing, conversion, and generation software suite...
GHSA-MQ7H-FM69-H6XQ vulnerabilities
Vulnerabilities for packages: ghostscript...
GHSA-3XR3-VRM2-6JC7 vulnerabilities
Vulnerabilities for packages: ghostscript...
GHSA-R824-GQ56-GJGX vulnerabilities
Vulnerabilities for packages: ghostscript...
GHSA-V6HC-9C6C-F599 vulnerabilities
Vulnerabilities for packages: ghostscript...
GHSA-5473-W6GQ-5R5G vulnerabilities
Vulnerabilities for packages: ghostscript...
GHSA-G9M4-VFQ7-W439 vulnerabilities
Vulnerabilities for packages: ghostscript...
Advisory ROSA-SA-2025-2682
Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 packageevrstring: ghostscript-9.27-11.0.1 CVE-ID: CVE-2019-14813 BDU-ID: 2019-03227 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the setsystemparams procedure of the PostScript Ghostscript file format conversion program is related to...
Advisory ROSA-SA-2025-2623
software: ghostscript10 10.02.1 OS: ROSA-CHROME packageevrstring: ghostscript10-10.02.1-3 CVE-ID: CVE-2024-29506 BDU-ID: 2024-05558 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the pdfiapplyfilter function of the Ghostscript document processing, conversion, and generation software suite is...
Advisory ROSA-SA-2025-2622
software: ghostscript 9.54.0 OS: ROSA-CHROME packageevrstring: ghostscript-9.54.0-11 CVE-ID: CVE-2023-38559 BDU-ID: 2023-07662 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the devnpcxwriterle function of the base/gdevdevdevn.c component of the Ghostscript document processing software suite...
GPL Ghostscript: Multiple Vulnerabilities
Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workarou...
EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2025-1055)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver...