EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2023-3176)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because th...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2023-3211)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because th...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2023-2809)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

EulerOS 2.0 SP8 : ghostscript (EulerOS-SA-2023-3126)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2023-2895)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2023-2785)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

OESA-2024-1055 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows...

The vulnerability of the gdev_prn_open_printer_seekable() function in the interpreter for software that processes, transforms, and generates Ghostscript documents allows a attacker to cause a service failure.

The vulnerability of the gdevprnopenprinterseekable function in the interpreter for Ghostscript software, which is used for document processing, conversion, and generation, is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause...

Important: ghostscript

Issue Overview: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-46751 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releaseve...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2024-470)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-470 advisory. An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-46751 Tenable...

Important: ghostscript

Issue Overview: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-46751 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releaseve...

OESA-2024-1016 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows...

PT-2024-5150 · Artifex +3 · Artifex Ghostscript +3

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.03.0 Description: The issue is related to a stack-based buffer overflow in the Ghostscript software, which can be exploited via the CIDFSubstPath and CIDFSubstFont parameters. This can potentially allo...

OESA-2023-1984 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows...

Advisory ROSA-SA-2023-2318

software: ghostscript 9.54.0 OS: ROSA-CHROME packageevrstring: ghostscript-9.54.0-9.src.rpm CVE-ID: CVE-2023-36664 BDU-ID: 2023-03466 CVE-Crit: HIGH CVE-DESC.: A vulnerability exists in the Ghostscript document processing, conversion, and generation software suite due to failure to take measures ...

The vulnerability of the `eps_print_page` function in the `gdevepsn.c` component of the Ghostscript software processing suite allows a attacker to trigger a service failure.

The vulnerability of the epsprintpage function in the gdevepsn.c component of the Ghostscript document processing software is related to the lack of checks for division by zero. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially created PDF file...

The vulnerability of the lp8000_print_page() function in the gdevlp8k.c component of the Ghostscript software processing suite allows a perpetrator to compromise data integrity and cause service failures.

The vulnerability of the lp8000printpage function in the gdevlp8k.c component of the Ghostscript software suite relates to the execution of operations outside the buffer memory. Exploiting this vulnerability could allow an attacker to compromise data integrity and also cause service failures...

The vulnerability of the `chunk_free_object` function in the `gsmchunk.c` component of the Ghostscript software suite allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the chunkfreeobject function in the gsmchunk.c component of the Ghostscript document processing software lies in the handling of buffer overflows. Exploitation of this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even...

The vulnerability of the `cljmedia_size` function in the `devices/gdevclj.c` component of the Ghostscript document processing software allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the cljmediasize function in the devices/gdevclj.c component of the Ghostscript document processing software lies in the handling of buffer overflows. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause...

SUSE SLES12 Security Update : ghostscript (SUSE-SU-2023:4917-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4917-1 advisory. - An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash...