Updated ghostscript packages fix security vulnerability

Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial o...

MGASA-2023-0260 Updated ghostscript packages fix security vulnerability

Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial o...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2023-2785)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2023-2809)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2023-0260)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2023-1605 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal...

OESA-2023-1608 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal...

ROS-20230907-01

Ghostscript document processing toolkit vulnerability is related to a buffer overflow error in base / gdevdevn.c: 1973 in devnpcxwriterle. buffer overflow in base / gdevdevn.c: 1973 in devnpcxwriterle. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

Oracle Linux 7 : ghostscript (ELSA-2019-2281)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2281 advisory. - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2023:3438-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3438-1 advisory. - A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in ghostscript. This issue...

SUSE SLES12 Security Update : ghostscript (SUSE-SU-2023:3439-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3439-1 advisory. - A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause...

SUSE: Security Advisory (SUSE-SU-2023:3439-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-21890

Ghostscript is vulnerable to buffer overflow vulnerability in fucntion cljmediasize in devices/gdevclj.c allow remote attackers to cause a denial of service via crafted PDF document...

CVE-2020-21710

GhostScript is vulnerable to divide by zero issue in function epsprintpage in gdevepsn.c allows remote attacker to cause a denial of service via crafted PDF file...

SUSE-SU-2023:3439-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2023-38559: Fixed out-of-bounds read in devnpcxwriterle that could result in DoS bsc1213637...

SUSE-SU-2023:3438-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2023-38559: Fixed out-of-bounds read in devnpcxwriterle that could result in DoS bsc1213637...

Medium: ghostscript

Issue Overview: A divide by zero issue discovered in epsprintpage in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file. CVE-2020-21710 A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in...

SUSE CVE-2023-4042

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2023-296)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-296 advisory. 2024-02-15: CVE-2020-21710 was added to this advisory. A divide by zero issue discovered in epsprintpage in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a...

CVE-2023-4042

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8...