Max CVSS | 6.8 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-14817 | 6.8 |
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could dis
|
16-10-2020 - 13:21 | 03-09-2019 - 16:15 | |
CVE-2019-3839 | 6.8 |
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside o
|
15-10-2020 - 14:31 | 16-05-2019 - 19:29 | |
CVE-2019-14869 | 6.8 |
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating
|
09-10-2020 - 13:12 | 15-11-2019 - 12:15 | |
CVE-2019-10216 | 6.8 |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul
|
30-09-2020 - 18:17 | 27-11-2019 - 13:15 | |
CVE-2019-10216 | 6.8 |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul
|
30-09-2020 - 18:17 | 27-11-2019 - 13:15 | |
CVE-2018-11645 | 5.0 |
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.
|
11-11-2018 - 11:29 | 01-06-2018 - 12:29 |