2 matches found
PT-2022-11605 · Libxml2 +3 · Libxml2 +3
Name of the Vulnerable Software and Affected Versions: VTK versions prior to 9.2.5 Description: The issue is a NULL pointer dereference vulnerability that lies in IO/Infovis/vtkXMLTreeReader.cxx. It occurs because the vendor did not check the return value of the libxml2 API xmlDocGetRootElement a...
ghostscript: Type confusion in setpattern (700141)
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...