rpm package
suse/ghostscript&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-27836 | — | < 9.52-23.89.1 | 9.52-23.89.1 | Mar 25, 2025 | An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c. | ||
| CVE-2025-27835 | — | < 9.52-23.89.1 | 9.52-23.89.1 | Mar 25, 2025 | An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c. | ||
| CVE-2025-27832 | — | < 9.52-23.89.1 | 9.52-23.89.1 | Mar 25, 2025 | An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c. | ||
| CVE-2025-27831 | — | < 9.52-23.89.1 | 9.52-23.89.1 | Mar 25, 2025 | An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c. | ||
| CVE-2024-46956 | — | < 9.52-23.86.1 | 9.52-23.86.1 | Nov 10, 2024 | An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution. | ||
| CVE-2024-46955 | — | < 9.52-23.86.1 | 9.52-23.86.1 | Nov 10, 2024 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. | ||
| CVE-2024-46953 | — | < 9.52-23.86.1 | 9.52-23.86.1 | Nov 10, 2024 | An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. | ||
| CVE-2024-46951 | — | < 9.52-23.86.1 | 9.52-23.86.1 | Nov 10, 2024 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. |
- CVE-2025-27836Mar 25, 2025affected < 9.52-23.89.1fixed 9.52-23.89.1
An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c.
- CVE-2025-27835Mar 25, 2025affected < 9.52-23.89.1fixed 9.52-23.89.1
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c.
- CVE-2025-27832Mar 25, 2025affected < 9.52-23.89.1fixed 9.52-23.89.1
An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c.
- CVE-2025-27831Mar 25, 2025affected < 9.52-23.89.1fixed 9.52-23.89.1
An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c.
- CVE-2024-46956Nov 10, 2024affected < 9.52-23.86.1fixed 9.52-23.86.1
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
- CVE-2024-46955Nov 10, 2024affected < 9.52-23.86.1fixed 9.52-23.86.1
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
- CVE-2024-46953Nov 10, 2024affected < 9.52-23.86.1fixed 9.52-23.86.1
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
- CVE-2024-46951Nov 10, 2024affected < 9.52-23.86.1fixed 9.52-23.86.1
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.