CVE-2021-45944 - Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sa

CVE-2021-45944

Summary

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

References

Vulnerable Configurations

cpe:2.3:a:artifex:ghostscript:9.50:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.50:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.51:-:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.51:-:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.51:rc2:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.51:rc2:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.52:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.52:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc2:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc2:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.1:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

Last major update

21-01-2022 - 14:41

Published

01-01-2022 - 00:15

Last modified

21-01-2022 - 14:41