SUSE: Security Advisory (SUSE-SU-2019:2460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : ghostscript (ELSA-2021-1852)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1852 advisory. 9.27-1 - Rebase to 9.27 - Resolves: rhbz1874523 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

ghostscript security, bug fix, and enhancement update

9.27-1 - Rebase to 9.27 - Resolves: rhbz1874523...

CentOS 8 : ghostscript (CESA-2021:1852)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1852 advisory. - ghostscript: use-after-free vulnerability in igcrelocstructptr could result in DoS CVE-2020-14373 - ghostscript: buffer overflow in lprnisblack in...

RHEL 8 : ghostscript (RHSA-2021:1852)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1852 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

ghostscript: buffer overflow in GetNumSameData() in contrib/lips4/gdevlips.c could result in a DoS

A buffer overflow vulnerability in GetNumSameData in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in lxm5700m_print_page() in devices/gdevlxm.c could result in a DoS

A buffer overflow vulnerability in lxm5700mprintpage in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51...

ghostscript: NULL pointer dereference in devices/vector/gdevtxtw.c and psi/zbfont.c could result in a DoS

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51...

ghostscript: buffer overflow in pcx_write_rle() in contrib/japanese/gdev10v.c could result in a DoS

A buffer overflow vulnerability in pcxwriterle in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: use-after-free in xps_finish_image_path() in devices/vector/gdevxps.c could result in a privilege escalation

A use-after-free vulnerability in xpsfinishimagepath in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in tiff12_print_page() in devices/gdevtfnx.c could result in a DoS

A buffer overflow vulnerability in tiff12printpage in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: division by zero in bj10v_print_page() in contrib/japanese/gdev10v.c could result in a DoS

A Division by Zero vulnerability in bj10vprintpage in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in mj_color_correct() in contrib/japanese/gdevmjc.c could result in a DoS

A buffer overflow vulnerability in mjcolorcorrect in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in FloydSteinbergDitheringC() in contrib/gdevbjca.c could result in a DoS

A buffer overflow vulnerability in FloydSteinbergDitheringC in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: NULL pointer dereference in clj_media_size() in devices/gdevclj.c could result in a DoS

A null pointer dereference vulnerability in cljmediasize in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in mj_raster_cmd() in contrib/japanese/gdevmjc.c could result in a DoS

A buffer overflow vulnerability in mjrastercmd in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in pj_common_print_page() in devices/gdevpjet.c could result in a DoS

A buffer overflow vulnerability in pjcommonprintpage in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: use-after-free vulnerability in igc_reloc_struct_ptr() could result in DoS

A use-after-free flaw was found in igcrelocstructptr of psi/igc.c of Ghostscript-9.25. This flaw allows a local attacker to supply a specially crafted PDF file, causing a denial of service. The highest threat from this vulnerability is to system availability...

Moderate: Red Hat Security Advisory: ghostscript security, bug fix, and enhancement update

An update for ghostscript is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...