Lucene search

2801 matches found

Prion
added 2021/02/09 11:15 p.m. | 14 views

Information disclosure

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation...

CVSS 5 | AI score 7.2 | EPSS 0.00291
Exploits 1 | References 1 | Affected Software 1
CVE
added 2021/02/09 10:6 p.m. | 57 views

CVE-2021-26953

The CVE-2021-26953 issue affects the Rust crate postscript, prior to version 0.14.0. Affected functionality passes an uninitialized buffer to a user-provided Read implementation, allowing potential information disclosure from uninitialized memory. The underlying cause is exposing an uninitialized...

CVSS 7.5 | AI score 7.1 | EPSS 0.00291
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2021/02/09 10:6 p.m. | 10 views

CVE-2021-26953

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation...

AI score 7.4 | EPSS 0.00291
Exploits 1 | References 1
OSV
added 2021/02/09 6:15 p.m. | 6 views

CVE-2020-17422

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVSS 3.3 | AI score 5 | EPSS 0.01126
Exploits 0 | References 2
CNNVD
added 2021/02/09 12:0 a.m. | 4 views

Foxit Studio Photo Buffer Error Vulnerability

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit. A remote code execution vulnerability exists in the handling of EPS files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied dat...

CVSS 7.8 | AI score 7.8 | EPSS 0.00211
Exploits 0 | References 2
Tenable Nessus
added 2021/02/04 12:0 a.m. | 26 views

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2021-1193)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a...

CVSS 7.8 | AI score 6.9 | EPSS 0.0129
Exploits 10 | References 13
vulnersOsv
added 2021/01/30 12:0 p.m. | 1 views

airust (=0.1.6), font (>=0.2.0 <=0.3.2) +6 more potentially affected by CVE-2021-26953 via postscript (>=0.10.1 <=0.11.1)

postscript CARGO version =0.10.1, =0.2.0, =0.0.2, =0.1.0, =0.15.0, =0.1.0, =0.6.3 - text =0.0.4 Source cves: CVE-2021-26953 Source advisory: OSV:RUSTSEC-2021-0017...

CVSS 7.5 | AI score 7.1 | EPSS 0.00291
Exploits 1
Tenable Nessus
added 2021/01/25 12:0 a.m. | 26 views

openSUSE Security Update : gimp (openSUSE-2020-2357)

This update for gimp fixes the following issues : Security issue fixed : - CVE-2017-17787: Fixed an out-of-bounds read in the PSP importer bsc1073628. Non-security issue fixed : - Fixed a software crash while importing a PostScript file bsc1178726. This update was imported from the...

CVSS 7.8 | AI score 6.2 | EPSS 0.00207
Exploits 0 | References 3
Fedora
added 2021/01/15 1:26 a.m. | 53 views

[SECURITY] Fedora 33 Update: dia-0.97.3-16.fc33

The Dia drawing program can be used to draw different types of diagrams, and includes support for UML static structure diagrams class diagrams, entity relationship modeling, and network diagrams. Dia can load and save diagrams to a custom file format, can load and save in .xml format, and can...

CVSS 5.5 | AI score 1.2 | EPSS 0.00142
Exploits 0
OpenVAS
added 2021/01/11 12:0 a.m. | 16 views

Fedora: Security Advisory for dia (FEDORA-2020-cbc0754798)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.5 | AI score 5.6 | EPSS 0.00142
Exploits 0 | References 2
Fedora
added 2021/01/08 2:52 a.m. | 46 views

[SECURITY] Fedora 32 Update: dia-0.97.3-16.fc32

The Dia drawing program can be used to draw different types of diagrams, and includes support for UML static structure diagrams class diagrams, entity relationship modeling, and network diagrams. Dia can load and save diagrams to a custom file format, can load and save in .xml format, and can...

CVSS 5.5 | AI score 1.2 | EPSS 0.00142
Exploits 0
Ubuntu
added 2021/01/07 2:10 p.m. | 158 views

USN-4686-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary co...

CVSS 8.8 | AI score 6.7 | EPSS 0.04773
Exploits 4
OSV
added 2020/12/28 8:4 p.m. | 2 views

OPENSUSE-SU-2020:2357-1 Security update for gimp

This update for gimp fixes the following issues: Security issue fixed: - CVE-2017-17787: Fixed an out-of-bounds read in the PSP importer bsc1073628. Non-security issue fixed: - Fixed a software crash while importing a PostScript file bsc1178726. This update was imported from the SUSE:SLE-15:Updat...

CVSS 7.8 | AI score 7.5 | EPSS 0.00207
Exploits 0 | References 4
Tenable Nessus
added 2020/12/15 12:0 a.m. | 34 views

Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-doc / etc (VZLSA-2019-2586)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 9.8 | AI score 7.5 | EPSS 0.08454
Exploits 2 | References 6
Veracode
added 2020/12/06 3:28 a.m. | 32 views

Denial Of Service (DoS)

ghostscript is vulnerable to denial of service. A NULL pointer dereference in devices/gdevtsep.c allows a remote attacker to cause a denial of service via a malicious postscript file...

CVSS 5.5 | AI score 3.5 | EPSS 0.01771
Exploits 1 | References 8 | Affected Software 1
OSV
added 2020/11/13 9:20 p.m. | 3 views

MGASA-2020-0414 Updated lilypond package fixes a security vulnerability

It was discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. CVE-2020-17353...

CVSS 9.8 | AI score 9.7 | EPSS 0.01263
Exploits 0 | References 4
Mageia
added 2020/11/13 9:20 p.m. | 21 views

Updated lilypond package fixes a security vulnerability

It was discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. CVE-2020-17353...

CVSS 9.8 | AI score 2 | EPSS 0.01263
Exploits 0 | References 3
Positive Technologies
added 2020/11/08 12:0 a.m. | 5 views

PT-2022-5146 · Moodle +3 · Moodle +3

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified GhostScript versions prior to 9.50 Description: The issue occurs due to improper input validation when parsing PostScript code, resulting in a remote code execution risk. An omitted execution parameter...

CVSS 10 | AI score 7.3 | EPSS 0.83646
Exploits 3 | References 83
AlmaLinux
added 2020/11/03 12:40 p.m. | 27 views

Moderate: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport...

CVSS 8.8 | AI score 8.5 | EPSS 0.00838
Exploits 1 | References 1
Fedora
added 2020/10/31 2:2 a.m. | 33 views

[SECURITY] Fedora 32 Update: lout-3.40-18.fc32

Lout is a document formatting system designed and implemented by Jeffrey Kingston at the Basser Department of Computer Science, University of Sydney, Australia. The system reads a high-level description of a document similar in style to LaTeX and produces a PostScript file which can be printed on...

CVSS 7.8 | AI score 1 | EPSS 0.00355
Exploits 2