The vulnerability of the contrib/japanese/gdevnpdl.c file, which is part of the NPDL Device software suite for processing, transforming, and generating Ghostscript documents, allows a perpetrator to execute arbitrary code.

The vulnerability of the contrib/japanese/gdevnpdl.c file, which is part of the NPDL Device software suite for processing, transforming, and generating Ghostscript documents, stems from the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an...

The vulnerability of the bj10v_print_page() function in the contrib/japanese/gdev10v.c file of the BJ10V Device component of the software development kit for processing, transforming, and generating Ghostscript documents, allowing a malicious individual to execute arbitrary code or cause a service failure.

The vulnerability of the bj10vprintpage function in the contrib/japanese/gdev10v.c file of the BJ10V Device component of the software development kit for processing, transforming, and generating Ghostscript documents is related to the copying of buffers without checking the size of the input data...

The vulnerability of the gp_open_scratch_file_impl() function in the files base/gp_mswin.c and base/winrtsup.cpp of the Ghostscript processing, conversion, and generation software suite allows a malicious actor to read arbitrary files.

The vulnerability of the gpopenscratchfileimpl function in the base/gpmswin.c and base/winrtsup.cpp files of the Ghostscript processing, conversion, and generation software suite is related to an incorrect path name limitation. Exploiting this vulnerability could allow a remote attacker to read...

The vulnerability of the files base/write_t1.c and psi/zfapi.c, which are components of the DollarBlend software suite for processing, transforming, and generating Ghostscript documents, allows a perpetrator to execute arbitrary code.

The vulnerability in the files base/writet1.c and psi/zfapi.c of the DollarBlend software component, which is part of the software suite for processing, transforming, and generating Ghostscript documents, involves copying buffers without checking the size of the input data. Exploiting this...

The vulnerability of the txt_get_unicode() function in the devices/vector/doc_common.c file of the Ghostscript document processing, conversion, and generation software allows a hacker to execute arbitrary code.

The vulnerability of the txtgetunicode function in the devices/vector/doccommon.c file of the Ghostscript document processing, conversion, and generation software set is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

OPENSUSE-SU-2025:14953-1 ghostscript-10.05.0-1.1 on GA media

These are all security issues fixed in the ghostscript-10.05.0-1.1 package on the GA media of openSUSE Tumbleweed...

Important: ghostscript

Issue Overview: Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and checking if a length variable exceeds permitted limit. Fixed in ghostpdl-10.05.0...

Important: ghostscript

Issue Overview: Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and checking if a length variable exceeds permitted limit. Fixed in ghostpdl-10.05.0...

Important: ghostscript

Issue Overview: Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and checking if a length variable exceeds permitted limit. Fixed in ghostpdl-10.05.0...

Important: ghostscript

Issue Overview: Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and checking if a length variable exceeds permitted limit. Fixed in ghostpdl-10.05.0...

Important: ghostscript

Issue Overview: The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has existed since the creation of the file contrib/japanese/gdevnpdl.c The calculation of the buffer size was being done with int values, and overflowing that data type. By...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-906)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-906 advisory. Buffer overflow in Ghostscript new PDF Interpreter PDFI. CVE-2025-27833 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-907)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-907 advisory. The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has existed since the creation of the file contrib/japanese/gdevnpdl.cThe calculation of the...

Amazon Linux 2 : ghostscript (ALAS-2025-2805)

The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2805 advisory. Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-908)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-908 advisory. Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and...

Important: ghostscript

Issue Overview: Buffer overflow in Ghostscript new PDF Interpreter PDFI. CVE-2025-27833 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releasever 2023.7.20250331 to update your system. New Packages: aarch64: ghostscript-tools-dvipdf-9.56.1-7.amzn2023.0.13.aarch64...

Important: ghostscript

Issue Overview: Buffer overflow in Ghostscript new PDF Interpreter PDFI. CVE-2025-27833 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releasever 2023.7.20250331 or dnf update --advisory ALAS2023-2025-906 --releasever 2023.7.20250331 to update your system. More...

Important: ghostscript

Issue Overview: The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has existed since the creation of the file contrib/japanese/gdevnpdl.c The calculation of the buffer size was being done with int values, and overflowing that data type. By...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ghostscript vulnerabilities (USN-7378-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7378-1 advisory. It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue ...

Ubuntu: Security Advisory (USN-7378-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...