RHEL 8 : ghostscript (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ghostscript: Attempting to open a carefully crafted PDF file results in long-running computation 699856...

RHEL 6 : ghostscript (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c CVE-2018-19409...

RHEL 5 : ghostscript (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ghostscript: /invalidaccess bypass after failed restore 699654 CVE-2018-16509 - ghostscript: Improperly...

RHEL 7 : ghostscript (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ghostscript: use-after-free in xpsfinishimagepath in devices/vector/gdevxps.c could result in a privilege...

Amazon Linux 2 : ghostscript (ALAS-2024-2553)

The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2553 advisory. An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds othe...

Medium: ghostscript

Issue Overview: An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit th...

Medium: ghostscript

Issue Overview: An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit th...

SUSE CVE-2024-33871

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp devices can have an arbitrary name for a...

Oracle Linux 8 : ghostscript (ELSA-2024-2966)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2966 advisory. 9.27-12 - fix to prevent divison by zero in devices - Resolves: rhbz2235009 Tenable has extracted the preceding description block directly from the Oracle Linux...

Medium: ghostscript

Issue Overview: An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releasever 2023.4.20240528 to upda...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2024-628)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-628 advisory. An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Tenable has extracted the precedi...

Medium: ghostscript

Issue Overview: An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releasever 2023.4.20240528 or dnf...

Mageia: Security Advisory (MGASA-2024-0192)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0192 Updated ghostscript packages fix security vulnerabilities

Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed...

Updated ghostscript packages fix security vulnerabilities

Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed...

ghostscript security update

9.27-12 - fix to prevent divison by zero in devices - Resolves: rhbz2235009...

RHEL 8 : ghostscript (RHSA-2024:2966)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2966 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats ...

Low: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ghostscript: Divide by zero in eps_print_page in gdevepsn.c

GhostScript is vulnerable to divide by zero issue in function epsprintpage in gdevepsn.c allows remote attacker to cause a denial of service via crafted PDF file...

PT-2024-40782 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ, with a crash state involving functions such as chunk free object, s zlib free, and inflateEnd. No...