Vulnerabilities (CVE)

Filtered by vendor Artifex Subscribe
Filtered by product Ghostscript
Total 86 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-45944 1 Artifex 1 Ghostscript 2022-01-17 4.3 MEDIUM 5.5 MEDIUM
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
CVE-2021-45949 1 Artifex 1 Ghostscript 2022-01-15 4.3 MEDIUM 5.5 MEDIUM
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
CVE-2020-15900 1 Artifex 1 Ghostscript 2021-07-21 7.5 HIGH 9.8 CRITICAL
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.
CVE-2018-18073 4 Artifex, Canonical, Debian and 1 more 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more 2020-10-22 4.3 MEDIUM 6.3 MEDIUM
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
CVE-2019-14817 5 Artifex, Debian, Fedoraproject and 2 more 5 Ghostscript, Debian Linux, Fedora and 2 more 2020-10-16 6.8 MEDIUM 7.8 HIGH
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
CVE-2019-14811 5 Artifex, Debian, Fedoraproject and 2 more 5 Ghostscript, Debian Linux, Fedora and 2 more 2020-10-16 6.8 MEDIUM 7.8 HIGH
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
CVE-2019-14813 5 Artifex, Debian, Fedoraproject and 2 more 12 Ghostscript, Debian Linux, Fedora and 9 more 2020-10-16 7.5 HIGH 9.8 CRITICAL
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
CVE-2019-3839 6 Artifex, Canonical, Debian and 3 more 6 Ghostscript, Ubuntu Linux, Debian Linux and 3 more 2020-10-15 6.8 MEDIUM 7.8 HIGH
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
CVE-2019-3838 5 Artifex, Debian, Fedoraproject and 2 more 12 Ghostscript, Debian Linux, Fedora and 9 more 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
CVE-2019-3835 5 Artifex, Debian, Fedoraproject and 2 more 11 Ghostscript, Debian Linux, Fedora and 8 more 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
CVE-2019-14812 2 Artifex, Fedoraproject 2 Ghostscript, Fedora 2020-10-09 6.8 MEDIUM 7.8 HIGH
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
CVE-2019-14869 3 Artifex, Fedoraproject, Opensuse 3 Ghostscript, Fedora, Leap 2020-10-09 6.8 MEDIUM 8.8 HIGH
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.
CVE-2019-10216 2 Artifex, Redhat 9 Ghostscript, 3scale Api Management, Enterprise Linux and 6 more 2020-09-30 6.8 MEDIUM 7.8 HIGH
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
CVE-2017-9611 2 Artifex, Debian 2 Ghostscript, Debian Linux 2020-09-23 6.8 MEDIUM 7.8 HIGH
The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2020-14373 2 Artifex, Redhat 2 Ghostscript, Enterprise Linux 2020-09-10 2.1 LOW 5.5 MEDIUM
A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.
CVE-2020-16301 1 Artifex 1 Ghostscript 2020-08-31 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16305 1 Artifex 1 Ghostscript 2020-08-31 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16303 1 Artifex 1 Ghostscript 2020-08-31 6.8 MEDIUM 7.8 HIGH
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16300 1 Artifex 1 Ghostscript 2020-08-31 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16302 2 Artifex, Debian 2 Ghostscript, Debian Linux 2020-08-31 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.