SUSE CVE-2024-46952

An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...

SUSE CVE-2024-46953

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string for the output filename results in path truncation, and possible path traversal and code execution...

SUSE CVE-2024-46954

An issue was discovered in decodeutf8 in base/gputf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal...

SUSE CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space...

SUSE CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...

OPENSUSE-SU-2024:14423-1 ghostscript-10.04.0-1.1 on GA media

These are all security issues fixed in the ghostscript-10.04.0-1.1 package on the GA media of openSUSE Tumbleweed...

[SECURITY] [DLA 3931-1] ghostscript security update

Debian LTS Advisory DLA-3931-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton October 22, 2024 https://wiki.debian.org/LTS Package : ghostscript Version : 9.53.3dfsg-7+deb11u8 CVE ID : CVE-2024-29508 A heap-based pointer disclosure problem was found in Ghostscript, ...

Debian dla-3931 : ghostscript - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3931 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3931-1 [email protected] https://www.debian.org/lts/security/...

Debian: Security Advisory (DLA-3931-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-3931-1 ghostscript - security update

Bulletin has no description...

Mageia: Security Advisory (MGASA-2024-0326)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0326 Updated ghostscript packages fix security vulnerabilities

Amongst other general bug fixes, this release addresses: CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46955 CVE-2024-46956...

Updated ghostscript packages fix security vulnerabilities

Amongst other general bug fixes, this release addresses: CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46955 CVE-2024-46956...

PT-2024-32297 · Artifex +6 · Artifex Ghostscript +6

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.04.0 Description: An issue was discovered in the decode utf8 function in base/gp utf8.c of Artifex Ghostscript. This issue is related to overlong UTF-8 encoding, which can lead to possible ../ director...

Advisory ROSA-SA-2024-2494

Software: ghostscript 9.25 OS: rosa-server79 packageevrstring: ghostscript-9.25-5.0.1.res7 CVE-ID: CVE-2024-33871 BDU-ID: 2024-05064 CVE-Crit: HIGH CVE-DESC.: A vulnerability exists in the contrib/opvp/gdevopvp.c component of the Ghostscript processing, conversion, and document generation softwar...

OESA-2024-2177 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur via a...

The vulnerability of the afqkf psi/zmisc1.c file, a software component for processing, transforming, and generating Ghostscript documents, arises from incorrect validation of input data. This vulnerability allows an attacker to execute arbitrary code within the system.

The vulnerability of the afqkf psi/zmisc1.c file, a software component used for processing, transforming, and generating Ghostscript documents, is related to incorrect validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability in the base/gpmisc.c file of the software for processing, converting, and generating Ghostscript documents, related to incorrect input validation, allows a perpetrator to execute arbitrary code on the system.

The vulnerability of the base/gpmisc.c file in the software suite for processing, converting, and generating Ghostscript documents is related to improper validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

ROS-20240923-05

A vulnerability in the interpreter of the software suite for processing, transforming, and generating Ghostscript documents is related to errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a special...

GPL Ghostscript: Multiple Vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workarou...