
CVE-2025-46646 – Ubuntu Security Notice USN-7473-1
https://notcve.org/view.php?id=CVE-2025-46646
26 Apr 2025 — In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path validation. • https://bugs.ghostscript.com/show_bug.cgi?id=708311 • CWE-24: Path Traversal: '../filedir' •

CVE-2024-46955 – Debian Security Advisory 5808-1
https://notcve.org/view.php?id=CVE-2024-46955
10 Nov 2024 — An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed. • https://bugs.ghostscript.com/show_bug.cgi?id=707990 • CWE-125: Out-of-bounds Read •

CVE-2024-46951 – ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
https://notcve.org/view.php?id=CVE-2024-46951
10 Nov 2024 — An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. A flaw was found in Artifex Ghostscript's psi/zcolor.c component. This vulnerability allows arbitrary code execution via an unchecked implementation pointer in the Pattern color space. Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially ... • https://bugs.ghostscript.com/show_bug.cgi?id=707991 • CWE-824: Access of Uninitialized Pointer •

CVE-2024-46952 – ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling
https://notcve.org/view.php?id=CVE-2024-46952
10 Nov 2024 — An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values). A flaw was found in Artifex Ghostscript's PDF XRef stream handling. This vulnerability allows a buffer overflow via crafted values in the W array of a PDF XRef stream. Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbi... • https://bugs.ghostscript.com/show_bug.cgi?id=708001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2024-46953 – ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
https://notcve.org/view.php?id=CVE-2024-46953
10 Nov 2024 — An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. A flaw was found in Artifex Ghostscript base/gsdevice.c. This vulnerability allows path truncation, path traversal, and possible code execution via an integer overflow when parsing the filename format string for the output filename. Multiple security issues were disco... • https://bugs.ghostscript.com/show_bug.cgi?id=707793 • CWE-190: Integer Overflow or Wraparound •

CVE-2024-46954 – ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
https://notcve.org/view.php?id=CVE-2024-46954
10 Nov 2024 — An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal. A flaw was found in Ghostscript/base/gp_utf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories. An update for thunderbird is now available for Red Hat Enterprise Linux 9. • https://bugs.ghostscript.com/show_bug.cgi?id=707788 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-29506 – Ubuntu Security Notice USN-6897-1
https://notcve.org/view.php?id=CVE-2024-29506
03 Jul 2024 — Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name. It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that Ghostscript incorrectly handled certain API parameters. • https://bugs.ghostscript.com/show_bug.cgi?id=707510 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2024-29507 – Ubuntu Security Notice USN-6897-1
https://notcve.org/view.php?id=CVE-2024-29507
03 Jul 2024 — Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters. It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that Ghostscript incorrectly handled certain API parameters. • https://bugs.ghostscript.com/show_bug.cgi?id=707510 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2024-29509 – Ubuntu Security Notice USN-6897-1
https://notcve.org/view.php?id=CVE-2024-29509
03 Jul 2024 — Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that Ghostscript incorrectly handled certain API parameters. • https://bugs.ghostscript.com/show_bug.cgi?id=707510 • CWE-787: Out-of-bounds Write •

CVE-2024-29511 – Ubuntu Security Notice USN-6897-1
https://notcve.org/view.php?id=CVE-2024-29511
03 Jul 2024 — Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading (and writing of error messages to arbitrary files) via OCRLanguage. For example, exploitation can use debug_file /tmp/out and user_patterns_file /etc/passwd. Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows the reading of arbitrary files (and the writing of error messages to arbitrary files... • https://bugs.ghostscript.com/show_bug.cgi?id=707510 • CWE-489: Active Debug Code •