rpm package
suse/ghostscript&distro=SUSE Linux Enterprise Server 15-LTSS
pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3781 | — | < 9.52-155.1 | 9.52-155.1 | Feb 16, 2022 | A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in | ||
| CVE-2020-15900 | — | < 9.52-3.32.1 | 9.52-3.32.1 | Jul 28, 2020 | A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32 | ||
| CVE-2020-12268 | — | < 9.52-3.27.2 | 9.52-3.27.2 | Apr 27, 2020 | jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. |
- CVE-2021-3781Feb 16, 2022affected < 9.52-155.1fixed 9.52-155.1
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in
- CVE-2020-15900Jul 28, 2020affected < 9.52-3.32.1fixed 9.52-3.32.1
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32
- CVE-2020-12268Apr 27, 2020affected < 9.52-3.27.2fixed 9.52-3.27.2
jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.