Advisory ROSA-SA-2025-2549

Software: ghostscript 9.25 OS: rosa-server79 packageevrstring: ghostscript-9.25-5.0.3.res7 CVE-ID: CVE-2018-19478 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Artifex Ghostscript allows an attacker to run a lengthy calculation when processing a PDF file. CVE-STATUS: The vulnerabili...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2025-1021)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type ...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2025-1004)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type ...

PT-2025-11335 · Unknown +4 · Ghostscript +4

Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified Description: The issue is related to a buffer overflow that occurs during the serialization of DollarBlend in font. Additionally, there are package vulnerabilities in ghostscript. Recommendations: ...

PT-2025-38680

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions through 10.05.1 Description The ocr begin page function within devices/gdevpdfocr.c is susceptible to an integer overflow, which can result in a heap-based buffer overflow in the ocr line8 function. Recommendations...

PT-2025-11342 · Unknown +1 · Ghostscript +1

Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified Description: The issue allows access to arbitrary files through a truncated path with invalid UTF-8. It is also related to package vulnerabilities in ghostscript. Recommendations: At the moment,...

PT-2025-11338 · Unknown +3 · Ghostscript +3

Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified Description: The issue is related to a buffer overflow that occurs with long TTF font names in ghostscript. Recommendations: At the moment, there is no information about a newer version that contai...

PT-2025-11339 · Unknown +3 · Ghostscript +3

Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified ghostscript affected versions not specified Description: The issue is caused by a buffer overflow resulting from an oversized Type 4 function in a PDF. It is also related to package vulnerabilities...

Amazon Linux 2 : ghostscript (ALAS-2024-2708)

The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2708 advisory. PS interpreter - check the type of the Pattern Implementation NOTE:...

PT-2024-40645 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details include the crash type being a Heap-buffer-overflow READ 12, and the crash...

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2024-774)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-774 advisory. PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991NOTE: https://cgit.ghostscript.com/cgi-...

Arbitrary File Upload

Synapse is vulnerable to Arbitrary File Upload. The vulnerability is due to improper handling of uncommon image formats during thumbnail generation, which could invoke external tools like Ghostscript, increasing the risk of exploitation...

Ubuntu: Security Advisory (USN-7138-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7138-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-7138-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...

Ubuntu 16.04 LTS / 18.04 LTS : Ghostscript vulnerabilities (USN-7138-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7138-1 advisory. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to...