Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-2405
Vulnerability from csaf_certbund - Published: 2020-08-12 22:00 - Updated: 2023-11-14 23:00Summary
Ghostscript: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ghostscript ist ein kostenloser Interpreter der Seitenbeschreibungssprachen PostScript und Portable Document Format (PDF).
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ghostscript ausnutzen, um seine Privilegien zu erhöhen oder einen Denial of Service Zustand herzustellen.
Betroffene Betriebssysteme
- UNIX
- Linux
- MacOS X
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Ghostscript ist ein kostenloser Interpreter der Seitenbeschreibungssprachen PostScript und Portable Document Format (PDF).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ghostscript ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herzustellen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2405 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-2405.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2405 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2405"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7053 vom 2023-11-15",
"url": "https://access.redhat.com/errata/RHSA-2023:7053"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1867 vom 2023-10-25",
"url": "https://alas.aws.amazon.com/ALAS-2023-1867.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2308 vom 2023-10-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2308.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1854 vom 2023-10-06",
"url": "https://alas.aws.amazon.com/ALAS-2023-1854.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2261 vom 2023-09-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2261.html"
},
{
"category": "external",
"summary": "GhostScript Release Notes vom 2020-08-12",
"url": "https://www.ghostscript.com/doc/9.52/History9.htm"
},
{
"category": "external",
"summary": "NIST Database vom 2020-08-12",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16287"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2335 vom 2020-08-20",
"url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00032.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4469-1 vom 2020-08-24",
"url": "https://usn.ubuntu.com/4469-1/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4748 vom 2020-08-26",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"category": "external",
"summary": "Gentoo Security Advisory GLSA-202008-20 vom 2020-08-29",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:1852 vom 2021-05-18",
"url": "https://access.redhat.com/errata/RHSA-2021:1852"
}
],
"source_lang": "en-US",
"title": "Ghostscript: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-11-14T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:40.609+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2405",
"initial_release_date": "2020-08-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2020-08-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2020-08-20T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-08-24T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2020-08-25T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-08-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von GENTOO aufgenommen"
},
{
"date": "2021-05-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Ghostscript \u003c 9.52",
"product": {
"name": "Open Source Ghostscript \u003c 9.52",
"product_id": "T017005",
"product_identification_helper": {
"cpe": "cpe:/a:ghostscript:ghostscript:9.52"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-16287",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16287"
},
{
"cve": "CVE-2020-16288",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16288"
},
{
"cve": "CVE-2020-16289",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16289"
},
{
"cve": "CVE-2020-16290",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16290"
},
{
"cve": "CVE-2020-16291",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16291"
},
{
"cve": "CVE-2020-16292",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16292"
},
{
"cve": "CVE-2020-16293",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16293"
},
{
"cve": "CVE-2020-16294",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16294"
},
{
"cve": "CVE-2020-16295",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16295"
},
{
"cve": "CVE-2020-16296",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16296"
},
{
"cve": "CVE-2020-16297",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16297"
},
{
"cve": "CVE-2020-16298",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16298"
},
{
"cve": "CVE-2020-16299",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16299"
},
{
"cve": "CVE-2020-16300",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16300"
},
{
"cve": "CVE-2020-16301",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16301"
},
{
"cve": "CVE-2020-16302",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16302"
},
{
"cve": "CVE-2020-16303",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16303"
},
{
"cve": "CVE-2020-16304",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16304"
},
{
"cve": "CVE-2020-16305",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16305"
},
{
"cve": "CVE-2020-16306",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16306"
},
{
"cve": "CVE-2020-16307",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16307"
},
{
"cve": "CVE-2020-16308",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16308"
},
{
"cve": "CVE-2020-16309",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16309"
},
{
"cve": "CVE-2020-16310",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16310"
},
{
"cve": "CVE-2020-17538",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-17538"
}
]
}
CVE-2020-16308 (GCVE-0-2020-16308)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701829"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=af004276fd8f6c305727183c159b83021020f7d6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701829"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=af004276fd8f6c305727183c159b83021020f7d6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701829",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701829"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=af004276fd8f6c305727183c159b83021020f7d6",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=af004276fd8f6c305727183c159b83021020f7d6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16308",
"datePublished": "2020-08-13T02:09:49",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16299 (GCVE-0-2020-16299)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701801"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=4fcbece46870"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701801"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=4fcbece46870"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701801",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701801"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4fcbece46870",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4fcbece46870"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16299",
"datePublished": "2020-08-13T02:08:45",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16304 (GCVE-0-2020-16304)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2025-03-04 18:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701816"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=027c546e0dd11e0526f1780a7f3c2c66acffe209"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T18:37:21.905Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701816"
},
{
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4469-1/"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/tree/base/gxicolor.c?h=ghostscript-9.18#n825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701816",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701816"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16304",
"datePublished": "2020-08-13T02:09:12.000Z",
"dateReserved": "2020-08-03T00:00:00.000Z",
"dateUpdated": "2025-03-04T18:37:21.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16292 (GCVE-0-2020-16292)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701793"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=863ada11f9a942a622a581312e2be022d9e2a6f7"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701793"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=863ada11f9a942a622a581312e2be022d9e2a6f7"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701793",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701793"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=863ada11f9a942a622a581312e2be022d9e2a6f7",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=863ada11f9a942a622a581312e2be022d9e2a6f7"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16292",
"datePublished": "2020-08-13T02:08:08",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16294 (GCVE-0-2020-16294)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701794"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=89f58f1aa95b3482cadf6977da49457194ee5358"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701794"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=89f58f1aa95b3482cadf6977da49457194ee5358"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701794",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701794"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=89f58f1aa95b3482cadf6977da49457194ee5358",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=89f58f1aa95b3482cadf6977da49457194ee5358"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16294",
"datePublished": "2020-08-13T02:08:17",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16303 (GCVE-0-2020-16303)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701818"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=94d8955cb77"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701818"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=94d8955cb77"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701818",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701818"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=94d8955cb77",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=94d8955cb77"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16303",
"datePublished": "2020-08-13T02:09:06",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16291 (GCVE-0-2020-16291)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2025-03-04 18:49
VLAI?
EPSS
Summary
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701787"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=4f73e8b4d578e69a17f452fa60d2130c5faaefd6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T18:49:33.855Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701787"
},
{
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=4f73e8b4d578e69a17f452fa60d2130c5faaefd6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4469-1/"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/tree/contrib/gdevdj9.c?h=ghostpdl-9.18#n824"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=4f73e8b4d578e69a17f452fa60d2130c5faaefd6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701787",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701787"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=4f73e8b4d578e69a17f452fa60d2130c5faaefd6",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=4f73e8b4d578e69a17f452fa60d2130c5faaefd6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16291",
"datePublished": "2020-08-13T02:08:03.000Z",
"dateReserved": "2020-08-03T00:00:00.000Z",
"dateUpdated": "2025-03-04T18:49:33.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16306 (GCVE-0-2020-16306)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701821"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=aadb53eb834b3def3ef68d78865ff87a68901804"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701821"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=aadb53eb834b3def3ef68d78865ff87a68901804"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701821",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701821"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=aadb53eb834b3def3ef68d78865ff87a68901804",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=aadb53eb834b3def3ef68d78865ff87a68901804"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16306",
"datePublished": "2020-08-13T02:09:26",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16295 (GCVE-0-2020-16295)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701796"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=2c2dc335c212750e0fb8ae157063bc06cafa8d3e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701796"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=2c2dc335c212750e0fb8ae157063bc06cafa8d3e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701796",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701796"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=2c2dc335c212750e0fb8ae157063bc06cafa8d3e",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=2c2dc335c212750e0fb8ae157063bc06cafa8d3e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16295",
"datePublished": "2020-08-13T02:08:22",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16298 (GCVE-0-2020-16298)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701799"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=849e74e5ab450dd581942192da7101e0664fa5af"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701799"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=849e74e5ab450dd581942192da7101e0664fa5af"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701799",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701799"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=849e74e5ab450dd581942192da7101e0664fa5af",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=849e74e5ab450dd581942192da7101e0664fa5af"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16298",
"datePublished": "2020-08-13T02:08:40",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16300 (GCVE-0-2020-16300)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701807"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=714e8995cd582d418276915cbbec3c70711fb19e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701807"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=714e8995cd582d418276915cbbec3c70711fb19e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701807",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701807"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=714e8995cd582d418276915cbbec3c70711fb19e",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=714e8995cd582d418276915cbbec3c70711fb19e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16300",
"datePublished": "2020-08-13T02:08:50",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16288 (GCVE-0-2020-16288)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:07 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701791"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=aba3375ac24f8e02659d9b1eb9093909618cdb9f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701791"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=aba3375ac24f8e02659d9b1eb9093909618cdb9f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701791",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701791"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=aba3375ac24f8e02659d9b1eb9093909618cdb9f",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=aba3375ac24f8e02659d9b1eb9093909618cdb9f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16288",
"datePublished": "2020-08-13T02:07:45",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16305 (GCVE-0-2020-16305)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701819"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=2793769ff107d8d22dadd30c6e68cd781b569550"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701819"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=2793769ff107d8d22dadd30c6e68cd781b569550"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16305",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701819",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701819"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2793769ff107d8d22dadd30c6e68cd781b569550",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2793769ff107d8d22dadd30c6e68cd781b569550"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16305",
"datePublished": "2020-08-13T02:09:22",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16307 (GCVE-0-2020-16307)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701822"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=407c98a38c3a6ac1681144ed45cc2f4fc374c91f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701822"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=407c98a38c3a6ac1681144ed45cc2f4fc374c91f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701822",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701822"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=407c98a38c3a6ac1681144ed45cc2f4fc374c91f",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=407c98a38c3a6ac1681144ed45cc2f4fc374c91f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16307",
"datePublished": "2020-08-13T02:09:44",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16293 (GCVE-0-2020-16293)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701795"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=7870f4951bcc6a153f317e3439e14d0e929fd231"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701795"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=7870f4951bcc6a153f317e3439e14d0e929fd231"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701795",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701795"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7870f4951bcc6a153f317e3439e14d0e929fd231",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7870f4951bcc6a153f317e3439e14d0e929fd231"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16293",
"datePublished": "2020-08-13T02:08:12",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16296 (GCVE-0-2020-16296)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2025-03-24 20:30
VLAI?
EPSS
Summary
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T20:30:29.525Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4469-1/"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/tree/contrib/lips4/gdevlips.c?h=ghostscript-9.18#n163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701792",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16296",
"datePublished": "2020-08-13T02:08:28.000Z",
"dateReserved": "2020-08-03T00:00:00.000Z",
"dateUpdated": "2025-03-24T20:30:29.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16297 (GCVE-0-2020-16297)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2025-03-04 18:44
VLAI?
EPSS
Summary
A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701800"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T18:44:47.636Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701800"
},
{
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4469-1/"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/tree/contrib/gdevbjca.c?h=ghostpdl-9.18#n659"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701800",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701800"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16297",
"datePublished": "2020-08-13T02:08:34.000Z",
"dateReserved": "2020-08-03T00:00:00.000Z",
"dateUpdated": "2025-03-04T18:44:47.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16301 (GCVE-0-2020-16301)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:08 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701808"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701808"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701808",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701808"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16301",
"datePublished": "2020-08-13T02:08:58",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16289 (GCVE-0-2020-16289)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:07 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701788"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=d31e25ed5b130499e0d880e4609b1b4824699768"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701788"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=d31e25ed5b130499e0d880e4609b1b4824699768"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701788",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701788"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d31e25ed5b130499e0d880e4609b1b4824699768",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d31e25ed5b130499e0d880e4609b1b4824699768"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16289",
"datePublished": "2020-08-13T02:07:50",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-17538 (GCVE-0-2020-17538)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:10 – Updated: 2025-03-24 20:28
VLAI?
EPSS
Summary
A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:00:49.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T20:28:54.780Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4469-1/"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/tree/contrib/lips4/gdevlips.c?h=ghostscript-9.18#n148"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701792",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-17538",
"datePublished": "2020-08-13T02:10:10.000Z",
"dateReserved": "2020-08-12T00:00:00.000Z",
"dateUpdated": "2025-03-24T20:28:54.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16287 (GCVE-0-2020-16287)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:07 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701785"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=450da26a76286a8342ec0864b3d113856709f8f6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701785"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=450da26a76286a8342ec0864b3d113856709f8f6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701785",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701785"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=450da26a76286a8342ec0864b3d113856709f8f6",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=450da26a76286a8342ec0864b3d113856709f8f6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16287",
"datePublished": "2020-08-13T02:07:31",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16302 (GCVE-0-2020-16302)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701815"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=366ad48d076c1aa4c8f83c65011258a04e348207"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701815"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=366ad48d076c1aa4c8f83c65011258a04e348207"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701815",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701815"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=366ad48d076c1aa4c8f83c65011258a04e348207",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=366ad48d076c1aa4c8f83c65011258a04e348207"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16302",
"datePublished": "2020-08-13T02:09:02",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16290 (GCVE-0-2020-16290)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:07 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701786"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=93cb0c0adbd9bcfefd021d59c472388f67d3300d"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701786"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=93cb0c0adbd9bcfefd021d59c472388f67d3300d"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701786",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701786"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=93cb0c0adbd9bcfefd021d59c472388f67d3300d",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=93cb0c0adbd9bcfefd021d59c472388f67d3300d"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16290",
"datePublished": "2020-08-13T02:07:58",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16309 (GCVE-0-2020-16309)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:09 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701827"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a6f7464dddc689386668a38b92dfd03cc1b38a10"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701827"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a6f7464dddc689386668a38b92dfd03cc1b38a10"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701827",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701827"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6f7464dddc689386668a38b92dfd03cc1b38a10",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6f7464dddc689386668a38b92dfd03cc1b38a10"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16309",
"datePublished": "2020-08-13T02:09:56",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16310 (GCVE-0-2020-16310)
Vulnerability from cvelistv5 – Published: 2020-08-13 02:10 – Updated: 2024-08-04 13:37
VLAI?
EPSS
Summary
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=eaba1d97b62831b42c51840cc8ee2bc4576c942e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=eaba1d97b62831b42c51840cc8ee2bc4576c942e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701828",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701828"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=eaba1d97b62831b42c51840cc8ee2bc4576c942e",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=eaba1d97b62831b42c51840cc8ee2bc4576c942e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16310",
"datePublished": "2020-08-13T02:10:04",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…