5485 matches found
Artifex Ghostscript 安全漏洞
Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.04.0, which is caused by an out-of-bounds read vulnerability when...
CVE-2024-46953
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string for the output filename results in path truncation, and possible path traversal and code execution...
CVE-2024-46955
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space...
CVE-2024-46952
CVE-2024-46952 affects Artifex Ghostscript before 10.04.0. The issue is a buffer overflow in the PDF processing path, specifically in pdf/pdf_xref.c during handling of a PDF XRef stream (related to W array values). The vulnerability is triggered when processing certain PDF cross-reference streams...
CVE-2024-46956
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...
CVE-2024-46956
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...
CVE-2024-46955
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space...
Artifex Ghostscript 安全漏洞
Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.04.0, which is caused by an out-of-bounds data access...
Artifex Ghostscript 安全漏洞
Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.04.0, which is caused by an unchecked implementation pointer in the...
CVE-2024-46951
CVE-2024-46951 is an issue in Artifex Ghostscript (Pattern color space) where an unchecked Implementation pointer could lead to arbitrary code execution. Connected advisories confirm this affects Ghostscript’s PostScript/PDF interpreter and note a developer-identified fix in ghostpdl-10.04.0, add...
CVE-2024-46956
CVE-2024-46956 affects Artifex Ghostscript (psi/zfile.c) with an out-of-bounds data access in filenameforall that can lead to arbitrary code execution on Ghostscript versions up to 10.04.0. Connected advisories confirm this vulnerability and provide patch guidance; mitigation is to update Ghostsc...
CVE-2024-46953
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string for the output filename results in path truncation, and possible path traversal and code execution...
CVE-2024-46952
An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...
CVE-2024-46954
An issue was discovered in decodeutf8 in base/gputf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal...
ghostscript bug fix update
An update is available for ghostscript. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Ghostscript suite contains utilities for rendering PostScript and PDF...
OESA-2024-2359 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: VUL-0: CVE-2024-46951: ghostscript: Arbitrary code execution via unchecked "Implementation" pointer in "Pattern"...
OESA-2024-2358 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: VUL-0: CVE-2024-46951: ghostscript: Arbitrary code execution via unchecked "Implementation" pointer in "Pattern"...
OESA-2024-2357 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: VUL-0: CVE-2024-46951: ghostscript: Arbitrary code execution via unchecked "Implementation" pointer in "Pattern"...
OESA-2024-2356 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: VUL-0: CVE-2024-46951: ghostscript: Arbitrary code execution via unchecked "Implementation" pointer in "Pattern"...
EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-2886)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function...