Ghostscript Security Vulnerabilities and Issues — Ghostscript CVE List

Lucene search

ArtifexGhostscript

4 matches found

CVE•added 2017/05/23 4:29 a.m.•140 views

CVE-2016-7978

Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.

9.8CVSS9.3AI score0.02959EPSS

CVE•added 2017/05/23 4:29 a.m.•81 views

CVE-2016-7977

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.

5.5CVSS7AI score0.01067EPSS

CVE•added 2017/05/23 4:29 a.m.•77 views

CVE-2016-7979

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.

9.8CVSS9.6AI score0.01608EPSS

CVE•added 2017/05/12 7:29 a.m.•55 views

CVE-2017-8908

The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.

5.5CVSS5.5AI score0.00391EPSS