2801 matches found
Important: ghostscript
Issue Overview: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2023-362)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-362 advisory. In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer...
CVE-2023-44464
pretix before 2023.7.2 allows Pillow to parse EPS files...
rami.io pretix security breach
rami.io pretix is a ticket store application for conferences, festivals, concerts, tech events, shows, exhibitions, workshops, bars, etc. from the German company rami.io. A security vulnerability exists in rami.io pretix versions prior to 2023.7.2 that stems from allowing Pillow to parse EPS file...
OESA-2023-1704 cups security update
CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers.. Security Fixes: Due to failure in validating the length provided by an attacker-craft...
OESA-2023-1705 cups security update
CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers.. Security Fixes: Due to failure in validating the length provided by an attacker-craft...
OESA-2023-1695 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted...
OESA-2023-1696 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted...
CVE-2023-43115
A vulnerability was found in Artifex Ghostscript in gdevijs.c, allows a malicious remote attacker to perform remote code execution via crafted PostScript documents...
PT-2023-29246 · Pillow +1 · Pillow +1
Name of the Vulnerable Software and Affected Versions: pretix versions prior to 2023.7.2 Description: The issue allows Pillow to parse EPS files. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this...
ALPINE-CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
AZL-37100 CVE-2023-4504 affecting package cups for versions less than 2.4.10-1
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
AZL-37075 CVE-2023-4504 affecting package cups for versions less than 2.3.3op2-7
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
DEBIAN-CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
CVE-2023-4504 OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
CVE-2023-4504 OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
USN-6391-2: CUPS vulnerability
USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a...
USN-6391-2 cups vulnerability
USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a...