ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space

A flaw was found in Artifex Ghostscript's psi/zcolor.c component. This vulnerability allows arbitrary code execution via an unchecked implementation pointer in the Pattern color space...

ghostscript: dangling pointer in gdev_prn_open_printer_seekable()

A flaw was found in Ghostscript. A remote attacker may use a specially crafted payload to trigger access to previously freed memory, which can potentially lead to remote code execution or an application crash...

ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding

A flaw was found in Ghostscript/base/gputf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories...

ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript

A flaw was found in Artifex Ghostscript base/gsdevice.c. This vulnerability allows path truncation, path traversal, and possible code execution via an integer overflow when parsing the filename format string for the output filename...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2025-1510)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2025-1511)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : ghostscript (ALAS-2025-1978)

The version of ghostscript installed on the remote host is prior to 8.70-24.35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1978 advisory. PS interpreter - check the type of the Pattern Implementation NOTE:...

Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: dangling pointer in gdevprnopenprinterseekable CVE-2023-46751 ghostscript...

ALSA-2025:7422 Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: dangling pointer in gdevprnopenprinterseekable CVE-2023-46751 ghostscript...

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2025-1510)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2025-1511)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in...

PT-2025-38683

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions through 10.05.1 Description: Artifex Ghostscript through version 10.05.1 contains a stack-based buffer overflow in the pdf write cmap function within the devices/vector/gdevpdtw.c file. Recommendations: Update to ...

ghostscript security update

An update is available for ghostscript. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Ghostscript suite contains utilities for rendering PostScript and PDF...

RLSA-2024:6197 Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: format string injection leads to shell command execution SAFER bypass...

RockyLinux 9 : ghostscript (RLSA-2024:6197)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6197 advisory. ghostscript: format string injection leads to shell command execution SAFER bypass CVE-2024-29510 ghostscript: path traversal and command execution due t...

PT-2025-38679

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions through 10.05.1 Description: Artifex Ghostscript through version 10.05.1 contains a stack-based buffer overflow in the pdfmark coerce dest function located in devices/vector/gdevpdfm.c. This occurs when processing...

AlmaLinux 8 : ghostscript (ALSA-2025:4362)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:4362 advisory. ghostscript: heap buffer over write vulnerability in GhostScript's lp8000printpage in gdevlp8k.c CVE-2020-27792 ghostscript: dangling pointer in...

Ubuntu: Security Advisory (USN-7473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7473-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path validation...