Search CVE reports
111 – 120 of 217 results
CVE-2019-6116
High priorityIn Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-19478
Medium priorityIn Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-19134
Medium priorityIn Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the...
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-16863
Medium priorityIt was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially...
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Not affected | Not affected |
CVE-2018-19477
Medium prioritypsi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-19476
Medium prioritypsi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-19475
Medium prioritypsi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-19409
Medium priorityAn issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-18284
Medium priorityArtifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |
CVE-2018-18073
Medium priorityArtifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
1 affected packages
ghostscript
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | Fixed | Fixed |