CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46751
https://notcve.org/view.php?id=CVE-2023-46751
An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. Se descubrió un problema en la función gdev_prn_open_printer_seekable() en Artifex Ghostscript hasta la versión 10.02.0 que permite a atacantes remotos bloquear la aplicación mediante un puntero colgante. • https://bugs.ghostscript.com/show_bug.cgi?id=707264 https://ghostscript.com https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=dcdbc595c13c9d11d235702dff46bb74c80f7698 https://www.debian.org/security/2023/dsa-5578 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-43115 – Ghostscript: GhostPDL can lead to remote code execution via crafted PostScript documents
https://notcve.org/view.php?id=CVE-2023-43115
In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). En Artifex Ghostscript hasta 10.01.2, gdevijs.c en GhostPDL puede conducir a la ejecución remota de código a través de documentos PostScript manipulados porque pueden cambiar al dispositivo IJS, o cambiar el parámetro IjsServer, después de que se haya activado SAFER. NOTA: es un riesgo documentado que el servidor IJS se pueda especificar en una línea de comandos gs (el dispositivo IJS debe ejecutar inherentemente un comando para iniciar el servidor IJS). A vulnerability was found in Artifex Ghostscript in gdevijs.c, allows a malicious remote attacker to perform remote code execution via crafted PostScript documents. • https://github.com/jostaub/ghostscript-CVE-2023-43115 https://bugs.ghostscript.com/show_bug.cgi?id=707051 https://ghostscript.com https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=e59216049cac290fb437a04c4f41ea46826cfba5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IK3UXJ5HKMPAL5EQELJAWSRPA2AUOJJO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PG5AQV7JOL5TAU76FWPJCMSKO5DREKV5 https://access.redhat.com/security/cve/CVE-2023-43115 h • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-4042 – Ghostscript: incomplete fix for cve-2020-16305
https://notcve.org/view.php?id=CVE-2023-4042
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. • https://access.redhat.com/errata/RHSA-2023:7053 https://access.redhat.com/security/cve/CVE-2023-4042 https://bugzilla.redhat.com/show_bug.cgi?id=1870257 https://bugzilla.redhat.com/show_bug.cgi?id=2228151 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38559 – Ghostscript: out-of-bound read in base/gdevdevn.c:1973 in devn_pcx_write_rle could result in dos
https://notcve.org/view.php?id=CVE-2023-38559
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. Se ha encontrado un fallo de desbordamiento de búfer en base/gdevdevn.c:1973 en devn_pcx_write_rle() en ghostscript. Este problema puede permitir a un atacante local provocar una denegación de servicio mediante la salida de un archivo PDF manipulado para un dispositivo DEVN con gs. • https://access.redhat.com/errata/RHSA-2023:6544 https://access.redhat.com/errata/RHSA-2023:7053 https://access.redhat.com/security/cve/CVE-2023-38559 https://bugs.ghostscript.com/show_bug.cgi?id=706897 https://bugzilla.redhat.com/show_bug.cgi?id=2224367 https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1 https://lists.debian.org/debian-lts-announce/2023/08/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 3CVE-2023-36664 – ghostscript: vulnerable to OS command injection due to mishandles permission validation for pipe devices
https://notcve.org/view.php?id=CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). Artifex Ghostscript a través de 10.01.2 maneja mal la validación de permisos para dispositivos pipe (con el prefijo %pipe% o el prefijo | pipe character). A vulnerability was found in Ghostscript. This flaw occurs due to a mishandled permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). • https://github.com/jakabakos/CVE-2023-36664-Ghostscript-command-injection https://github.com/jeanchpt/CVE-2023-36664 https://github.com/churamanib/CVE-2023-36664-Ghostscript-command-injection https://bugs.ghostscript.com/show_bug.cgi?id=706761 https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0974e4f2ac0005d3731e0b5c13ebc7e965540f4d https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=505eab7782b429017eb434b2b95120855f2b0e3c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •