Lucene search

2801 matches found

Prion
added 2021/09/13 6:15 p.m. · 25 views

Design/Logic Flaw

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded...

CVSS 3.6 · AI score 5.3 · EPSS 0.00328
Exploits 0 · References 4 · Affected Software 1
OSV
added 2021/09/13 6:15 p.m. · 2 views

UBUNTU-CVE-2021-39212

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded...

CVSS 4.4 · AI score 6.5 · EPSS 0.00328
Exploits 0 · References 6
CNNVD
added 2021/09/13 12:0 a.m. · 3 views

Imagemagick Studio ImageMagick Race Condition Vulnerability

ImageMagick is a set of open source image processing software. ImageMagick has a code problem vulnerability. The vulnerability stems from the module policy in the product's policy.xml file excluding Postscript files; an attacker can use the vulnerability to cause the files to be read and written...

CVSS 4.4 · AI score 5.7 · EPSS 0.00328
Exploits 0 · References 9
Cvelist
added 2021/09/13 12:0 a.m. · 18 views

CVE-2021-39212 Issue when Configuring the ImageMagick Security Policy

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded...

CVSS 4.4 · AI score 6.2 · EPSS 0.00328
Exploits 0 · References 4
Debian CVE
added 2021/09/13 12:0 a.m. · 45 views

CVE-2021-39212

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded...

CVSS 4.4 · AI score 4.8 · EPSS 0.00328
Exploits 0
CVE
added 2021/09/13 12:0 a.m. · 124 views

CVE-2021-39212

CVE-2021-39212 is a vulnerability in ImageMagick where Postscript files could be read or written if a module policy in policy.xml excludes them. The concrete details across connected sources show a policy-bypass issue affecting the module policy (with example policy: ) and indicate the issue is r...

CVSS 4.4 · AI score 5.5 · EPSS 0.00328
Exploits 0 · References 4 · Affected Software 1
AlpineLinux
added 2021/09/13 12:0 a.m. · 45 views

CVE-2021-39212

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded...

CVSS 4.4 · AI score 5.7 · EPSS 0.00328
Exploits 0
Positive Technologies
added 2021/09/11 12:0 a.m. · 4 views

PT-2021-7869 · Unknown +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.12-22 ImageMagick versions prior to 7.1.0-7 Description: The issue is related to the handling of Postscript files in ImageMagick, where these files could be read and written even when excluded by a module...

CVSS 7.8 · AI score 5.9 · EPSS 0.0703
Exploits 7 · References 110
Debian
added 2021/09/10 12:16 p.m. · 30 views

[SECURITY] [DSA 4972-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4972-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 10, 2021 https://www.debian.org/security/faq -...

AI score 1.8 · EPSS 0.83913
Exploits 0
Debian
added 2021/09/10 12:16 p.m. · 46 views

[SECURITY] [DSA 4972-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4972-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 10, 2021 https://www.debian.org/security/faq -...

CVSS 9.9 · AI score 9.5 · EPSS 0.83913
Exploits 0
Ubuntu
added 2021/09/10 11:57 a.m. · 113 views

USN-5075-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

CVSS 9.9 · AI score 8.6 · EPSS 0.83913
Exploits 0
OSV
added 2021/09/10 11:57 a.m. · 3 views

USN-5075-1 ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

CVSS 9.9 · AI score 7.5 · EPSS 0.83913
Exploits 0 · References 2
CNVD
added 2021/09/08 12:0 a.m. · 6 views

GhostScript remote command execution vulnerability

GhostScript is an interpreter used for PostScript language and PDF files, and many software components rely on it to complete the corresponding functions, and thus will also be affected by the Ghostscript vulnerability. ghostScript remote command execution vulnerability, an attacker can use the...

AI score 2.9
Exploits 0
vulnersOsv
added 2021/08/25 8:52 p.m. · 2 views

airust (=0.1.6), font (>=0.2.0 <=0.3.2) +6 more potentially affected by CVE-2021-26953 via postscript (>=0.10.1 <=0.11.1)

postscript CARGO version =0.10.1, =0.2.0, =0.0.2, =0.1.0, =0.15.0, =0.1.0, =0.6.3 - text =0.0.4 Source cves: CVE-2021-26953 Source advisory: OSV:GHSA-FHVC-GP6C-H2WX...

CVSS 7.5 · AI score 7.1 · EPSS 0.01489
Exploits 1
OSV
added 2021/08/25 8:52 p.m. · 12 views

GHSA-FHVC-GP6C-H2WX Read on uninitialized buffer in postscript

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 7.5 · AI score 7.4 · EPSS 0.01489
Exploits 1 · References 5
Github Security Blog
added 2021/08/25 8:52 p.m. · 25 views

Read on uninitialized buffer in postscript

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 7.5 · AI score 7.2 · EPSS 0.01489
Exploits 1 · References 5 · Affected Software 1
Tenable Nessus
added 2021/07/21 12:0 a.m. · 70 views

EulerOS Virtualization 3.0.2.2 : ghostscript (EulerOS-SA-2021-2135)

According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library,...

CVSS 7.8 · AI score 8 · EPSS 0.0275
Exploits 2 · References 4
Zero Day Initiative
added 2021/07/15 12:0 a.m. · 54 views

Adobe Bridge PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

CVSS 3.3 · AI score 1.7 · EPSS 0.01805
Exploits 0 · References 1
Zero Day Initiative
added 2021/07/15 12:0 a.m. · 62 views

Adobe Illustrator PostScript File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 3.3 · AI score 1.9 · EPSS 0.01834
Exploits 0 · References 1
Rosalinux
added 2021/07/02 4:39 p.m. · 25 views

Advisory ROSA-SA-2021-1832

Software: exempi 2.2.0 OS: Cobalt 7.9 CVE-ID: CVE-2017-18235 CVE-Crit: MEDIUM CVE-DESC: An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles / source / FormatSupport / WEBPSupport.cpp does not guarantee non-zero width and height values, allowing remote attackers to cause...

CVSS 5.5 · AI score 7.5 · EPSS 0.01367
Exploits 5