Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-2405
Vulnerability from csaf_certbund
Published
2020-08-12 22:00
Modified
2023-11-14 23:00
Summary
Ghostscript: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ghostscript ist ein kostenloser Interpreter der Seitenbeschreibungssprachen PostScript und Portable Document Format (PDF).
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ghostscript ausnutzen, um seine Privilegien zu erhöhen oder einen Denial of Service Zustand herzustellen.
Betroffene Betriebssysteme
- UNIX
- Linux
- MacOS X
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Ghostscript ist ein kostenloser Interpreter der Seitenbeschreibungssprachen PostScript und Portable Document Format (PDF).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ghostscript ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herzustellen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2405 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-2405.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2405 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2405"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7053 vom 2023-11-15",
"url": "https://access.redhat.com/errata/RHSA-2023:7053"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1867 vom 2023-10-25",
"url": "https://alas.aws.amazon.com/ALAS-2023-1867.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2308 vom 2023-10-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2308.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1854 vom 2023-10-06",
"url": "https://alas.aws.amazon.com/ALAS-2023-1854.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2261 vom 2023-09-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2261.html"
},
{
"category": "external",
"summary": "GhostScript Release Notes vom 2020-08-12",
"url": "https://www.ghostscript.com/doc/9.52/History9.htm"
},
{
"category": "external",
"summary": "NIST Database vom 2020-08-12",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16287"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2335 vom 2020-08-20",
"url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00032.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4469-1 vom 2020-08-24",
"url": "https://usn.ubuntu.com/4469-1/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4748 vom 2020-08-26",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"category": "external",
"summary": "Gentoo Security Advisory GLSA-202008-20 vom 2020-08-29",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:1852 vom 2021-05-18",
"url": "https://access.redhat.com/errata/RHSA-2021:1852"
}
],
"source_lang": "en-US",
"title": "Ghostscript: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-11-14T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:40.609+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2405",
"initial_release_date": "2020-08-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2020-08-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2020-08-20T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-08-24T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2020-08-25T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-08-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von GENTOO aufgenommen"
},
{
"date": "2021-05-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Ghostscript \u003c 9.52",
"product": {
"name": "Open Source Ghostscript \u003c 9.52",
"product_id": "T017005",
"product_identification_helper": {
"cpe": "cpe:/a:ghostscript:ghostscript:9.52"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-16287",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16287"
},
{
"cve": "CVE-2020-16288",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16288"
},
{
"cve": "CVE-2020-16289",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16289"
},
{
"cve": "CVE-2020-16290",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16290"
},
{
"cve": "CVE-2020-16291",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16291"
},
{
"cve": "CVE-2020-16292",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16292"
},
{
"cve": "CVE-2020-16293",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16293"
},
{
"cve": "CVE-2020-16294",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16294"
},
{
"cve": "CVE-2020-16295",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16295"
},
{
"cve": "CVE-2020-16296",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16296"
},
{
"cve": "CVE-2020-16297",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16297"
},
{
"cve": "CVE-2020-16298",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16298"
},
{
"cve": "CVE-2020-16299",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16299"
},
{
"cve": "CVE-2020-16300",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16300"
},
{
"cve": "CVE-2020-16301",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16301"
},
{
"cve": "CVE-2020-16302",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16302"
},
{
"cve": "CVE-2020-16303",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16303"
},
{
"cve": "CVE-2020-16304",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16304"
},
{
"cve": "CVE-2020-16305",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16305"
},
{
"cve": "CVE-2020-16306",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16306"
},
{
"cve": "CVE-2020-16307",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16307"
},
{
"cve": "CVE-2020-16308",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16308"
},
{
"cve": "CVE-2020-16309",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16309"
},
{
"cve": "CVE-2020-16310",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-16310"
},
{
"cve": "CVE-2020-17538",
"notes": [
{
"category": "description",
"text": "In Ghostscript existieren mehrere Schwachstellen aufgrund von verschiedenen Puffer\u00fcberl\u00e4ufen, Division-durch-Null-Fehlern, Null-Zeiger-Dereferenzierungen sowie Use-after-Free-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte .pdf-Datei \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"398363",
"T012167"
]
},
"release_date": "2020-08-12T22:00:00.000+00:00",
"title": "CVE-2020-17538"
}
]
}
cve-2020-16296
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701792 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701792",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16296",
"datePublished": "2020-08-13T02:08:28",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16301
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701808 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701808"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701808"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701808",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701808"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16301",
"datePublished": "2020-08-13T02:08:58",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16292
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701793 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=863ada11f9a942a622a581312e2be022d9e2a6f7 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701793"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=863ada11f9a942a622a581312e2be022d9e2a6f7"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701793"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=863ada11f9a942a622a581312e2be022d9e2a6f7"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701793",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701793"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=863ada11f9a942a622a581312e2be022d9e2a6f7",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=863ada11f9a942a622a581312e2be022d9e2a6f7"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16292",
"datePublished": "2020-08-13T02:08:08",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16307
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701822 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=407c98a38c3a6ac1681144ed45cc2f4fc374c91f | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701822"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=407c98a38c3a6ac1681144ed45cc2f4fc374c91f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701822"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=407c98a38c3a6ac1681144ed45cc2f4fc374c91f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701822",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701822"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=407c98a38c3a6ac1681144ed45cc2f4fc374c91f",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=407c98a38c3a6ac1681144ed45cc2f4fc374c91f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16307",
"datePublished": "2020-08-13T02:09:44",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-17538
Vulnerability from cvelistv5
Published
2020-08-13 02:10
Modified
2024-08-04 14:00
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701792 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:00:49.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701792",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701792"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-17538",
"datePublished": "2020-08-13T02:10:10",
"dateReserved": "2020-08-12T00:00:00",
"dateUpdated": "2024-08-04T14:00:49.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16287
Vulnerability from cvelistv5
Published
2020-08-13 02:07
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701785 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=450da26a76286a8342ec0864b3d113856709f8f6 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701785"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=450da26a76286a8342ec0864b3d113856709f8f6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701785"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=450da26a76286a8342ec0864b3d113856709f8f6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701785",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701785"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=450da26a76286a8342ec0864b3d113856709f8f6",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=450da26a76286a8342ec0864b3d113856709f8f6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16287",
"datePublished": "2020-08-13T02:07:31",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16293
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701795 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=7870f4951bcc6a153f317e3439e14d0e929fd231 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701795"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=7870f4951bcc6a153f317e3439e14d0e929fd231"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701795"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=7870f4951bcc6a153f317e3439e14d0e929fd231"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701795",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701795"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7870f4951bcc6a153f317e3439e14d0e929fd231",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7870f4951bcc6a153f317e3439e14d0e929fd231"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16293",
"datePublished": "2020-08-13T02:08:12",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16300
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701807 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=714e8995cd582d418276915cbbec3c70711fb19e | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701807"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=714e8995cd582d418276915cbbec3c70711fb19e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701807"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=714e8995cd582d418276915cbbec3c70711fb19e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701807",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701807"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=714e8995cd582d418276915cbbec3c70711fb19e",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=714e8995cd582d418276915cbbec3c70711fb19e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16300",
"datePublished": "2020-08-13T02:08:50",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16297
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701800 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701800"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701800"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701800",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701800"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16297",
"datePublished": "2020-08-13T02:08:34",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16294
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701794 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=89f58f1aa95b3482cadf6977da49457194ee5358 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701794"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=89f58f1aa95b3482cadf6977da49457194ee5358"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701794"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=89f58f1aa95b3482cadf6977da49457194ee5358"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701794",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701794"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=89f58f1aa95b3482cadf6977da49457194ee5358",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=89f58f1aa95b3482cadf6977da49457194ee5358"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16294",
"datePublished": "2020-08-13T02:08:17",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16310
Vulnerability from cvelistv5
Published
2020-08-13 02:10
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701828 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=eaba1d97b62831b42c51840cc8ee2bc4576c942e | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=eaba1d97b62831b42c51840cc8ee2bc4576c942e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=eaba1d97b62831b42c51840cc8ee2bc4576c942e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701828",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701828"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=eaba1d97b62831b42c51840cc8ee2bc4576c942e",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=eaba1d97b62831b42c51840cc8ee2bc4576c942e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16310",
"datePublished": "2020-08-13T02:10:04",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16302
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701815 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=366ad48d076c1aa4c8f83c65011258a04e348207 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701815"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=366ad48d076c1aa4c8f83c65011258a04e348207"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701815"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=366ad48d076c1aa4c8f83c65011258a04e348207"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701815",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701815"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=366ad48d076c1aa4c8f83c65011258a04e348207",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=366ad48d076c1aa4c8f83c65011258a04e348207"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16302",
"datePublished": "2020-08-13T02:09:02",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16289
Vulnerability from cvelistv5
Published
2020-08-13 02:07
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701788 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=d31e25ed5b130499e0d880e4609b1b4824699768 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701788"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=d31e25ed5b130499e0d880e4609b1b4824699768"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701788"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=d31e25ed5b130499e0d880e4609b1b4824699768"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701788",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701788"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d31e25ed5b130499e0d880e4609b1b4824699768",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d31e25ed5b130499e0d880e4609b1b4824699768"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16289",
"datePublished": "2020-08-13T02:07:50",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16295
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701796 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=ghostpdl.git%3Bh=2c2dc335c212750e0fb8ae157063bc06cafa8d3e | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701796"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=2c2dc335c212750e0fb8ae157063bc06cafa8d3e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701796"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=2c2dc335c212750e0fb8ae157063bc06cafa8d3e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701796",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701796"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=2c2dc335c212750e0fb8ae157063bc06cafa8d3e",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=2c2dc335c212750e0fb8ae157063bc06cafa8d3e"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16295",
"datePublished": "2020-08-13T02:08:22",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16308
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701829 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=af004276fd8f6c305727183c159b83021020f7d6 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701829"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=af004276fd8f6c305727183c159b83021020f7d6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701829"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=af004276fd8f6c305727183c159b83021020f7d6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701829",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701829"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=af004276fd8f6c305727183c159b83021020f7d6",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=af004276fd8f6c305727183c159b83021020f7d6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16308",
"datePublished": "2020-08-13T02:09:49",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16306
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701821 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=aadb53eb834b3def3ef68d78865ff87a68901804 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701821"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=aadb53eb834b3def3ef68d78865ff87a68901804"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701821"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=aadb53eb834b3def3ef68d78865ff87a68901804"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701821",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701821"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=aadb53eb834b3def3ef68d78865ff87a68901804",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=aadb53eb834b3def3ef68d78865ff87a68901804"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16306",
"datePublished": "2020-08-13T02:09:26",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16305
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701819 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=2793769ff107d8d22dadd30c6e68cd781b569550 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701819"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=2793769ff107d8d22dadd30c6e68cd781b569550"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701819"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=2793769ff107d8d22dadd30c6e68cd781b569550"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16305",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701819",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701819"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2793769ff107d8d22dadd30c6e68cd781b569550",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2793769ff107d8d22dadd30c6e68cd781b569550"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16305",
"datePublished": "2020-08-13T02:09:22",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16304
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701816 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=027c546e0dd11e0526f1780a7f3c2c66acffe209 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701816"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=027c546e0dd11e0526f1780a7f3c2c66acffe209"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701816"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=027c546e0dd11e0526f1780a7f3c2c66acffe209"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701816",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701816"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16304",
"datePublished": "2020-08-13T02:09:12",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16298
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701799 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=849e74e5ab450dd581942192da7101e0664fa5af | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701799"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=849e74e5ab450dd581942192da7101e0664fa5af"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701799"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=849e74e5ab450dd581942192da7101e0664fa5af"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701799",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701799"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=849e74e5ab450dd581942192da7101e0664fa5af",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=849e74e5ab450dd581942192da7101e0664fa5af"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16298",
"datePublished": "2020-08-13T02:08:40",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16291
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701787 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=ghostpdl.git%3Bh=4f73e8b4d578e69a17f452fa60d2130c5faaefd6 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701787"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=4f73e8b4d578e69a17f452fa60d2130c5faaefd6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:18",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701787"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=4f73e8b4d578e69a17f452fa60d2130c5faaefd6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701787",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701787"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=4f73e8b4d578e69a17f452fa60d2130c5faaefd6",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=4f73e8b4d578e69a17f452fa60d2130c5faaefd6"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16291",
"datePublished": "2020-08-13T02:08:03",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16288
Vulnerability from cvelistv5
Published
2020-08-13 02:07
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701791 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=ghostpdl.git%3Bh=aba3375ac24f8e02659d9b1eb9093909618cdb9f | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701791"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=aba3375ac24f8e02659d9b1eb9093909618cdb9f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701791"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=aba3375ac24f8e02659d9b1eb9093909618cdb9f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701791",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701791"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=aba3375ac24f8e02659d9b1eb9093909618cdb9f",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=aba3375ac24f8e02659d9b1eb9093909618cdb9f"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16288",
"datePublished": "2020-08-13T02:07:45",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16303
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701818 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=94d8955cb77 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701818"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=94d8955cb77"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701818"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=94d8955cb77"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701818",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701818"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=94d8955cb77",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=94d8955cb77"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16303",
"datePublished": "2020-08-13T02:09:06",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16299
Vulnerability from cvelistv5
Published
2020-08-13 02:08
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701801 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=4fcbece46870 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701801"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=4fcbece46870"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701801"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=4fcbece46870"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701801",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701801"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4fcbece46870",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4fcbece46870"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16299",
"datePublished": "2020-08-13T02:08:45",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16290
Vulnerability from cvelistv5
Published
2020-08-13 02:07
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701786 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=ghostpdl.git%3Bh=93cb0c0adbd9bcfefd021d59c472388f67d3300d | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701786"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=93cb0c0adbd9bcfefd021d59c472388f67d3300d"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701786"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.ghostscript.com/?p=ghostpdl.git%3Bh=93cb0c0adbd9bcfefd021d59c472388f67d3300d"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701786",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701786"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;h=93cb0c0adbd9bcfefd021d59c472388f67d3300d",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;h=93cb0c0adbd9bcfefd021d59c472388f67d3300d"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16290",
"datePublished": "2020-08-13T02:07:58",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-16309
Vulnerability from cvelistv5
Published
2020-08-13 02:09
Modified
2024-08-04 13:37
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701827 | x_refsource_MISC | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a6f7464dddc689386668a38b92dfd03cc1b38a10 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4748 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202008-20 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4469-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701827"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a6f7464dddc689386668a38b92dfd03cc1b38a10"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T20:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701827"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a6f7464dddc689386668a38b92dfd03cc1b38a10"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4469-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701827",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701827"
},
{
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6f7464dddc689386668a38b92dfd03cc1b38a10",
"refsource": "MISC",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6f7464dddc689386668a38b92dfd03cc1b38a10"
},
{
"name": "[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"name": "DSA-4748",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4748"
},
{
"name": "GLSA-202008-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"name": "USN-4469-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4469-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16309",
"datePublished": "2020-08-13T02:09:56",
"dateReserved": "2020-08-03T00:00:00",
"dateUpdated": "2024-08-04T13:37:54.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.