5386 matches found
CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
UBUNTU-CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
Artifex Ghostscript 安全漏洞
Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which stems from the improper handling of long...
CVE-2025-46646
CVE-2025-46646 affects Artifex Ghostscript prior to 10.05.0, where decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encodings. This issue is linked to an incomplete fix for CVE-2024-46954. Affected products include Ghostscript releases before 10.05.0; multiple advisories reference upgrades...
CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
PT-2025-17960
Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions prior to 10.05.0 Description The issue is related to the mishandling of overlong UTF-8 encoding in the decode utf8 function in base/gp utf8.c. This problem exists due to an incomplete fix for a previous issue...
CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
Amazon Linux AMI : ghostscript (ALAS-2025-1967)
The version of ghostscript installed on the remote host is prior to 8.70-24.34. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1967 advisory. The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has exist...
CLSA-2025-1745272309 ghostscript: Fix of 2 CVEs
CVE-2024-33869: fix path traversal and command execution vulnerability in base/gpmisc.c - CVE-2024-33870: fix path traversal vulnerability to prevent unauthorized access to arbitrary files by restricting access to permitted paths...
Important: ghostscript
Issue Overview: The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has existed since the creation of the file contrib/japanese/gdevnpdl.c The calculation of the buffer size was being done with int values, and overflowing that data type. By...
Amazon Linux 2 : ghostscript (ALAS-2025-2820)
The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2820 advisory. Fix confusion between bytes and shorts. Data is being copied from a string in multiple of shorts, rather than multipl...
CLSA-2025-1744782967 ghostscript: Fix of 3 CVEs
CVE-2024-33871: fix arbitrary code execution by restricting Driver parameter to load only known dynamic libraries in gdevopvp.c - CVE-2023-38559: fix buffer overflow flaw in devnpcxwriterle function by adding input validation checks - CVE-2024-29510: fix memory corruption and SAFER sandbox bypass...
Important: ghostscript
Issue Overview: Fix confusion between bytes and shorts. Data is being copied from a string in multiple of shorts, rather than multiple of bytes, leading to both a read probably benign, given the memory manager and write buffer overflow. Info: https://bugs.ghostscript.com/showbug.cgi?id=708131...
Important: ghostscript
Issue Overview: Fix confusion between bytes and shorts. Data is being copied from a string in multiple of shorts, rather than multiple of bytes, leading to both a read probably benign, given the memory manager and write buffer overflow. Info: https://bugs.ghostscript.com/showbug.cgi?id=708131...
Important: ghostscript
Issue Overview: PDF interpreter - Guard against unsigned int overflow. A large Type 4 function definition can overflow the uint counter, causing the allocated buffer to be smaller than required. Info: https://bugs.ghostscript.com/showbug.cgi?id=708253 Patch:...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-927)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-927 advisory. PDF interpreter - Guard against unsigned int overflow. A large Type 4 function definition can overflow the uint counter, causing the allocated buffer to be smaller than required. Info:...
Important: ghostscript
Issue Overview: PDF interpreter - Guard against unsigned int overflow. A large Type 4 function definition can overflow the uint counter, causing the allocated buffer to be smaller than required. Info: https://bugs.ghostscript.com/showbug.cgi?id=708253 Patch:...
OESA-2025-1401 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer...