Artifex Ghostscript 10.03.1

CPE Details

Artifex Ghostscript 10.03.1
artifex
ghostscript
10.03.1
2024-12-23
17h46 +00:00
2024-12-23
17h46 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:artifex:ghostscript:10.03.1:*:*:*:*:*:*:*

Informations

Vendor

artifex

Product

ghostscript

Version

10.03.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-27830 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/write_t1.c and psi/zfapi.c.
7.8
High
CVE-2025-27831 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c.
9.8
Critical
CVE-2025-27832 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c.
9.8
Critical
CVE-2025-27833 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c.
7.8
High
CVE-2025-27834 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c.
7.8
High
CVE-2025-27835 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c.
7.8
High
CVE-2025-27836 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c.
9.8
Critical
CVE-2025-27837 2025-03-25 00h00 +00:00 An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.
9.8
Critical
CVE-2024-46951 2024-11-09 23h00 +00:00 An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
7.8
High
CVE-2024-46952 2024-11-09 23h00 +00:00 An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
8.4
High
CVE-2024-46953 2024-11-09 23h00 +00:00 An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
7.8
High
CVE-2024-46954 2024-11-09 23h00 +00:00 An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
8.4
High
CVE-2024-46955 2024-11-09 23h00 +00:00 An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
5.5
Medium
CVE-2024-46956 2024-11-09 23h00 +00:00 An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
7.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.