SUSE CVE-2023-38559

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs...

EulerOS Virtualization 3.0.6.6 : ghostscript (EulerOS-SA-2023-2423)

According to the versions of the ghostscript packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000printpage function in the gdevlp8k.c file. This...

Fedora: Security Advisory for ghostscript (FEDORA-2023-83c805b441)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2023-2423)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-36664 - Artifex Ghostscript through 10.01.2 mishandles permission validation

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

[SECURITY] Fedora 37 Update: ghostscript-9.56.1-8.fc37

This package provides useful conversion utilities based on Ghostscript softwa re, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript PS and Portable Document Format PDF page description...

Fedora 37 : ghostscript (2023-83c805b441)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-83c805b441 advisory. fix for CVE-2023-36664 rhbz2217805 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Improper Input Validation

ghostscript is vulnerable to Improper Input Validation. This vulnerability occurs due to a flaw in the way that Ghostscript handles pipe devices. An attacker can exploit this vulnerability to gain unauthorized access to files on the victim's system...

SUSE SLES12 Security Update : ghostscript (SUSE-SU-2023:2844-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2844-1 advisory. - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefi...

SUSE-SU-2023:2844-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2023-36664: Fixed permission validation mishandling for pipe devices with the %pipe% prefix or the | pipe character prefix bsc1212711...

PT-2023-6796 · Unknown +9 · Ghostscript +9

Name of the Vulnerable Software and Affected Versions: Ghostscript affected versions not specified Description: The issue is related to a buffer overflow flaw in the devn pcx write rle function of the Ghostscript software, specifically in the base/gdevdevn.c component. This flaw may allow a local...

SUSE: Security Advisory (SUSE-SU-2023:2829-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for ghostscript (FEDORA-2023-d8a1c3e5e2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:2844-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: ghostscript-10.01.2-1.fc38

This package provides useful conversion utilities based on Ghostscript softwa re, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript PS and Portable Document Format PDF page description...

Fedora 38 : ghostscript (2023-d8a1c3e5e2)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d8a1c3e5e2 advisory. rebase to bugfix release 10.01.2 rhbz2182090 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2023:2829-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2829-1 advisory. - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe%...

Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services

Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system DCS and QuickBlox, that, if successfully exploited, could result in severe compromise of affected systems. Dubbed Crit.IX, the nine flaws in the Honeywell Experion D...

SUSE-SU-2023:2829-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2023-36664: Fixed permission validation mishandling for pipe devices with the %pipe% prefix or the | pipe character prefix bsc1212711...

Vulnerability fixed in Ghostscript

Artifex has fixed a vulnerability in Ghostscript. A malicious party could exploit the vulnerability to be able to execute arbitrary be able to execute arbitrary commands with permissions from the Ghostscript process. To do this, the malicious party must trick the victim into opening a rogue file...