CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

Design/Logic Flaw

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

PT-2022-36748 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details include the crash type and state, which involve functions such as gs type2...

CVE-2022-44544

CVE-2022-44544 affects Mahara versions: 21.04 up to 21.04.7, 21.10 up to 21.10.5, 22.04 up to 22.04.3, and 22.10 up to 22.10.0. The vulnerability stems from the PDF export function lacking sufficient protection, potentially allowing a remote shell if Ghostscript runs on Ubuntu without -dSAFER. Af...

CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

PT-2022-36736 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-use-after-free READ 8 crash has been reported. The crash involves the gs font finalize and gs gc reclaim functions, and the ireclaim process. No...

PT-2022-36710 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Stack-use-after-return READ 4. The crash state involves several functions, including gs type2 interpre...

CVE-2022-29851

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

Command injection

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

CVE-2022-29851

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

PT-2022-19878 · Open Xchange · Ox App Suite

Name of the Vulnerable Software and Affected Versions: OX App Suite versions through 7.10.6 Description: The issue allows OS Command Injection in a non-default configuration where ghostscript is used, because file conversion may occur for an EPS document disguised as a PDF document...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2022-2558)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2022-2499)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : ghostscript (EulerOS-SA-2022-2558)

According to the versions of the ghostscript packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for...

EulerOS Virtualization 3.0.6.6 : ghostscript (EulerOS-SA-2022-2499)

According to the versions of the ghostscript packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for...

PT-2022-36667 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details include the crash type and state, which involve functions such as gs type2...

Ubuntu: Security Advisory (USN-5643-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5643-1: Ghostscript vulnerabilities

It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary cod...

USN-5643-1 ghostscript vulnerabilities

It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary cod...