Artifex Ghostscript 10.03.0

CPE Details

Artifex Ghostscript 10.03.0
artifex
ghostscript
10.03.0
2024-03-25
17h02 +00:00
2024-03-25
17h02 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:artifex:ghostscript:10.03.0:*:*:*:*:*:*:*

Informations

Vendor

artifex

Product

ghostscript

Version

10.03.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-46951 2024-11-09 23h00 +00:00 An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
7.8
High
CVE-2024-46952 2024-11-09 23h00 +00:00 An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
8.4
High
CVE-2024-46953 2024-11-09 23h00 +00:00 An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
7.8
High
CVE-2024-46954 2024-11-09 23h00 +00:00 An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
8.4
High
CVE-2024-46955 2024-11-09 23h00 +00:00 An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
5.5
Medium
CVE-2024-46956 2024-11-09 23h00 +00:00 An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
7.8
High