5485 matches found
Important: ghostscript
Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...
Important: ghostscript
Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2024-774)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-774 advisory. PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991NOTE: https://cgit.ghostscript.com/cgi-...
Arbitrary File Upload
Synapse is vulnerable to Arbitrary File Upload. The vulnerability is due to improper handling of uncommon image formats during thumbnail generation, which could invoke external tools like Ghostscript, increasing the risk of exploitation...
Ubuntu: Security Advisory (USN-7138-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7138-1: Ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7138-1 ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...
Ubuntu 16.04 LTS / 18.04 LTS : Ghostscript vulnerabilities (USN-7138-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7138-1 advisory. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to...
CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...
CVE-2024-53863
CVE-2024-53863 affects Synapse prior to 1.120.1. Enabling dynamic_thumbnails or handling a crafted request could trigger decoding/thumbnail generation of uncommon image formats, potentially invoking external decoders (e.g., Ghostscript) and expanding the attack surface. The vulnerability is mitig...
CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...
CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...
PT-2024-35961 · Unknown +3 · Ghostscript +3
Name of the Vulnerable Software and Affected Versions: Synapse versions prior to 1.120.1 Description: Synapse is an open-source Matrix homeserver. Enabling the dynamic thumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image...
Debian: Security Advisory (DLA-3965-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3965-1] ghostscript security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3965-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 24, 2024 https://wiki.debian.org/LTS -...
DLA-3965-1 ghostscript - security update
Bulletin has no description...
Debian dla-3965 : ghostscript - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3965 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3965-1 [email protected]...
Astra Linux - уязвимость в ghostscript
An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...
Astra Linux - уязвимость в ghostscript
Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...
Astra Linux - уязвимость в ghostscript
Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword e.g., for runpdf has a \000 byte in the middle...