Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2022-1447)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2022-1426)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampleddatasample called from sampleddatacontinue and interp. CVE-2021-459...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2022-1447)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampleddatasample called from sampleddatacontinue and interp. CVE-2021-459...

Artifex Software Ghostscript 缓冲区错误漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-Postscrip...

OESA-2022-1560 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting...

Ghostscript 9.50 < 9.55.0 Sandbox Escape Vulnerability - Linux

Ghostscript is prone to a sandbox escape vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript.

Summary WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript. These vulnerabilities are addressed in App connect professional v7.5.4.0 and v7.5.5.0, customer can migrate to these versions without...

CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

DEBIAN-CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

ALPINE-CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

Design/Logic Flaw

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

CVE-2021-3781

Summary: CVE-2021-3781 is a Ghostscript sandbox escape vulnerability. A crafted pipe command can escape the -dSAFER sandbox in the Ghostscript interpreter and execute arbitrary commands with the document’s privileges. The underlying cause is a pipe-based command injection that bypasses the interp...

CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

openSUSE: Security Advisory for ghostscript (openSUSE-SU-2022:0088-2)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES15 Security Update : ghostscript (SUSE-SU-2022:0088-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0088-2 advisory. - Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampleddatasample called from sampleddatacontinue and interp. CVE-2021-45944...

SUSE-SU-2022:0088-2 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampleddatasample bsc1194303 - CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish bsc1194304...

Security update for ghostscript (moderate)

openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2022:0088-2 Rating: moderate References: 1194303 1194304 Cross-References: CVE-2021-45944 CVE-2021-45949 CVSS scores: CVE-2021-45944 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-45944 SUSE: 6...