rpm package
suse/ghostscript&distro=SUSE Enterprise Storage 6
pkg:rpm/suse/ghostscript&distro=SUSE%20Enterprise%20Storage%206
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3781 | — | < 9.52-155.1 | 9.52-155.1 | Feb 16, 2022 | A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in | ||
| CVE-2021-45944 | — | < 9.52-161.1 | 9.52-161.1 | Dec 31, 2021 | Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). | ||
| CVE-2021-45949 | — | < 9.52-161.1 | 9.52-161.1 | Dec 31, 2021 | Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). |
- CVE-2021-3781Feb 16, 2022affected < 9.52-155.1fixed 9.52-155.1
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in
- CVE-2021-45944Dec 31, 2021affected < 9.52-161.1fixed 9.52-161.1
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
- CVE-2021-45949Dec 31, 2021affected < 9.52-161.1fixed 9.52-161.1
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).