Summary
Detail | |||
---|---|---|---|
Vendor | Artifex | First view | 2017-03-21 |
Product | Ghostscript | Last view | 2025-05-23 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
3.3 | 2025-05-23 | CVE-2025-48708 | gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext. |
0 | 2025-04-26 | CVE-2025-46646 | In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954. |
0 | 2025-03-25 | CVE-2025-27837 | An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp. |
0 | 2025-03-25 | CVE-2025-27836 | An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c. |
0 | 2025-03-25 | CVE-2025-27835 | An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c. |
0 | 2025-03-25 | CVE-2025-27834 | An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c. |
0 | 2025-03-25 | CVE-2025-27833 | An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c. |
0 | 2025-03-25 | CVE-2025-27832 | An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c. |
0 | 2025-03-25 | CVE-2025-27831 | An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c. |
0 | 2025-03-25 | CVE-2025-27830 | An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/write_t1.c and psi/zfapi.c. |
7.8 | 2024-11-10 | CVE-2024-46956 | An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution. |
5.5 | 2024-11-10 | CVE-2024-46955 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. |
7.8 | 2024-11-10 | CVE-2024-46954 | An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal. |
7.8 | 2024-11-10 | CVE-2024-46953 | An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. |
7.8 | 2024-11-10 | CVE-2024-46952 | An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values). |
7.8 | 2024-11-10 | CVE-2024-46951 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. |
0 | 2024-07-03 | CVE-2024-33871 | An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded. |
0 | 2024-07-03 | CVE-2024-33870 | An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ is permitted. |
0 | 2024-07-03 | CVE-2024-33869 | An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename. |
0 | 2024-07-03 | CVE-2024-29511 | Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading (and writing of error messages to arbitrary files) via OCRLanguage. For example, exploitation can use debug_file /tmp/out and user_patterns_file /etc/passwd. |
0 | 2024-07-03 | CVE-2024-29510 | Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. |
8.8 | 2024-07-03 | CVE-2024-29509 | Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. |
3.3 | 2024-07-03 | CVE-2024-29508 | Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc. |
0 | 2024-07-03 | CVE-2024-29507 | Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters. |
8.8 | 2024-07-03 | CVE-2024-29506 | Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
25% (22) | CWE-787 | Out-of-bounds Write |
10% (9) | CWE-704 | Incorrect Type Conversion or Cast |
10% (9) | CWE-476 | NULL Pointer Dereference |
10% (9) | CWE-416 | Use After Free |
8% (7) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
5% (5) | CWE-200 | Information Exposure |
5% (5) | CWE-125 | Out-of-bounds Read |
5% (5) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
4% (4) | CWE-369 | Divide By Zero |
4% (4) | CWE-190 | Integer Overflow or Wraparound |
2% (2) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
2% (2) | CWE-20 | Improper Input Validation |
1% (1) | CWE-209 | Information Exposure Through an Error Message |
1% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
1% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
1% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Snort® IPS/IDS
Date | Description |
---|---|
2019-11-19 | Ghostscript -dSAFER sandbox bypass attempt RuleID : 51945 - Type : FILE-OTHER - Revision : 1 |
2019-03-05 | Ghostscript PostScript remote code execution attempt RuleID : 49086 - Type : FILE-OTHER - Revision : 1 |
2019-03-05 | Ghostscript PostScript remote code execution attempt RuleID : 49085 - Type : FILE-OTHER - Revision : 1 |
2018-10-25 | Ghostscript -dSAFER sandbox bypass attempt RuleID : 47882 - Type : FILE-OTHER - Revision : 1 |
2018-02-27 | Ghostscript eqproc type confusion attempt RuleID : 45536 - Type : FILE-OTHER - Revision : 2 |
2018-02-27 | Ghostscript eqproc type confusion attempt RuleID : 45535 - Type : FILE-OTHER - Revision : 2 |
2018-02-27 | Ghostscript rsdparams type confusion attempt RuleID : 45534 - Type : FILE-OTHER - Revision : 2 |
2018-02-27 | Ghostscript rsdparams type confusion attempt RuleID : 45533 - Type : FILE-OTHER - Revision : 2 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-08 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2019-1004.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-07083800ac.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-81ee973d7c.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-8359498f3c.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-c39ae23dc8.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1412.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1430.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: The remote Debian host is missing a security update. File: debian_DLA-1620.nasl - Type: ACT_GATHER_INFO |
2018-12-21 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1137.nasl - Type: ACT_GATHER_INFO |
2018-12-19 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3834.nasl - Type: ACT_GATHER_INFO |
2018-12-14 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3650.nasl - Type: ACT_GATHER_INFO |
2018-12-14 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3761.nasl - Type: ACT_GATHER_INFO |
2018-12-10 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1404.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3760.nasl - Type: ACT_GATHER_INFO |
2018-11-29 | Name: The remote Debian host is missing a security update. File: debian_DLA-1598.nasl - Type: ACT_GATHER_INFO |
2018-11-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4346.nasl - Type: ACT_GATHER_INFO |
2018-11-28 | Name: The remote Windows host contains a library that is affected by multiple vulne... File: ghostscript_9_26.nasl - Type: ACT_GATHER_INFO |
2018-11-26 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201811-12.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2018-2918.nasl - Type: ACT_GATHER_INFO |
2018-11-13 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4336.nasl - Type: ACT_GATHER_INFO |
2018-10-23 | Name: The remote Debian host is missing a security update. File: debian_DLA-1552.nasl - Type: ACT_GATHER_INFO |
2018-10-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-2918.nasl - Type: ACT_GATHER_INFO |
2018-10-11 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1088.nasl - Type: ACT_GATHER_INFO |
2018-10-01 | Name: The remote Debian host is missing a security update. File: debian_DLA-1527.nasl - Type: ACT_GATHER_INFO |