CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48708
https://notcve.org/view.php?id=CVE-2025-48708
23 May 2025 — gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript through 10.05.0 lacks argument sanitization for the # case. gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext. • https://bugs.ghostscript.com/show_bug.cgi?id=708446 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46646 – Ubuntu Security Notice USN-7473-1
https://notcve.org/view.php?id=CVE-2025-46646
26 Apr 2025 — In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path validation. • https://bugs.ghostscript.com/show_bug.cgi?id=708311 • CWE-24: Path Traversal: '../filedir' •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46751 – ghostscript: dangling pointer in gdev_prn_open_printer_seekable()
https://notcve.org/view.php?id=CVE-2023-46751
06 Dec 2023 — An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. Se descubrió un problema en la función gdev_prn_open_printer_seekable() en Artifex Ghostscript hasta la versión 10.02.0 que permite a atacantes remotos bloquear la aplicación mediante un puntero colgante. A flaw was found in Ghostscript. A remote attacker may use a specially crafted payload to trigger access to previously fre... • https://bugs.ghostscript.com/show_bug.cgi?id=707264 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 23%CPEs: 3EXPL: 1CVE-2023-43115 – Ghostscript: GhostPDL can lead to remote code execution via crafted PostScript documents
https://notcve.org/view.php?id=CVE-2023-43115
18 Sep 2023 — In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). En Artifex Ghostscript hasta 10.01.2, gdevijs.c en GhostPDL puede conducir a la ejecución remota de código a ... • https://github.com/jostaub/ghostscript-CVE-2023-43115 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-4042 – Ghostscript: incomplete fix for cve-2020-16305
https://notcve.org/view.php?id=CVE-2023-4042
23 Aug 2023 — A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. An update for ghostscript is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow and denial of service vulnerabilities. • https://access.redhat.com/errata/RHSA-2023:7053 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-21710 – ghostscript: Divide by zero in eps_print_page in gdevepsn.c
https://notcve.org/view.php?id=CVE-2020-21710
22 Aug 2023 — A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file. GhostScript is vulnerable to divide by zero issue in function eps_print_page in gdevepsn.c allows remote attacker to cause a denial of service via crafted PDF file. It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was disco... • https://bugs.ghostscript.com/show_bug.cgi?id=701843 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2020-21890 – Ubuntu Security Notice USN-6364-1
https://notcve.org/view.php?id=CVE-2020-21890
22 Aug 2023 — Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document. It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of se... • https://bugs.ghostscript.com/show_bug.cgi?id=701846 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38559 – Ghostscript: out-of-bound read in base/gdevdevn.c:1973 in devn_pcx_write_rle could result in dos
https://notcve.org/view.php?id=CVE-2023-38559
01 Aug 2023 — A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. Se ha encontrado un fallo de desbordamiento de búfer en base/gdevdevn.c:1973 en devn_pcx_write_rle() en ghostscript. Este problema puede permitir a un atacante local provocar una denegación de servicio mediante la salida de un archivo PDF manipulado para un dispositivo DEVN con gs. It w... • https://access.redhat.com/errata/RHSA-2023:6544 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 4%CPEs: 5EXPL: 4CVE-2023-36664 – ghostscript: vulnerable to OS command injection due to mishandles permission validation for pipe devices
https://notcve.org/view.php?id=CVE-2023-36664
25 Jun 2023 — Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). Artifex Ghostscript a través de 10.01.2 maneja mal la validación de permisos para dispositivos pipe (con el prefijo %pipe% o el prefijo | pipe character). A vulnerability was found in Ghostscript. This flaw occurs due to a mishandled permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). The Ghostscript suite contains utilitie... • https://github.com/jakabakos/CVE-2023-36664-Ghostscript-command-injection • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-552: Files or Directories Accessible to External Parties •
CVSS: 10.0EPSS: 31%CPEs: 3EXPL: 1CVE-2023-28879 – ghostscript: buffer overflow in base/sbcp.c leading to data corruption
https://notcve.org/view.php?id=CVE-2023-28879
31 Mar 2023 — In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. En Artifex Ghostscript hasta la versión 10.01.0, hay un desbordamiento de búfer que puede corromper los datos internos del intérprete PostScript, en base/s... • http://www.openwall.com/lists/oss-security/2023/04/12/4 • CWE-787: Out-of-bounds Write •