Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ghostscript Security Vulnerabilities - 2023

cve
cve

CVE-2020-21710

A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file.

5.5CVSS

5.3AI Score

0.001EPSS

2023-08-22 07:16 PM
49
cve
cve

CVE-2020-21890

Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document.

7.8CVSS

7.3AI Score

0.001EPSS

2023-08-22 07:16 PM
100
cve
cve

CVE-2023-28879

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tr...

9.8CVSS

9.6AI Score

0.004EPSS

2023-03-31 05:15 PM
133
3
cve
cve

CVE-2023-36664

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

7.8CVSS

7.7AI Score

0.001EPSS

2023-06-25 10:15 PM
103
cve
cve

CVE-2023-38559

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

5.5CVSS

5.5AI Score

0.001EPSS

2023-08-01 05:15 PM
312
cve
cve

CVE-2023-38560

An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.

5.5CVSS

5.2AI Score

0.001EPSS

2023-08-01 05:15 PM
79
cve
cve

CVE-2023-4042

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

5.5CVSS

6.2AI Score

0.004EPSS

2023-08-23 01:15 PM
142
cve
cve

CVE-2023-43115

In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be spe...

8.8CVSS

8.8AI Score

0.004EPSS

2023-09-18 08:15 AM
478
cve
cve

CVE-2023-46751

An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.

7.5CVSS

7.2AI Score

0.001EPSS

2023-12-06 08:15 PM
672