Gpl Ghostscript
Approved changes feed: RSS · Atom
cpe:2.3:a:artifex:gpl_ghostscript:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Artifex (0075fabc-cec9-5063-a004-04a5c9db1a9b) |
|---|---|
| Product | Gpl Ghostscript (a657a36f-664a-5042-bdac-558e28fdd277) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:ghostscript/ghostpdl |
purl2cpe | 2026-06-01 10:14:59.836864 |
pkg:ghostscript/gsdnld |
purl2cpe | 2026-06-01 10:14:59.836868 |
pkg:github/artifexsoftware/ghostpdl |
purl2cpe | 2026-06-01 10:14:59.836872 |
pkg:github/artifexsoftware/ghostpdl-downloads |
purl2cpe | 2026-06-01 10:14:59.836875 |
pkg:rpm/opensuse/ghostpdl |
purl2cpe | 2026-06-01 10:14:59.836879 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2013-6629 |
vulnerable | 2026-06-08 05:04:57.286810 |
Details available
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
Published: 2013-11-15T20:00:00.000Z
Updated: 2024-08-06T17:46:22.170Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-2055 |
vulnerable | 2026-06-08 04:54:11.388082 |
Details available
Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vulnerability than CVE-2010-4820.
Published: 2010-07-22T01:00:00.000Z
Updated: 2024-08-07T02:17:14.441Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-4897 |
vulnerable | 2026-06-08 04:51:50.402759 |
Details available
Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.
Published: 2010-07-22T01:00:00.000Z
Updated: 2024-08-07T07:17:26.149Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-3743 |
vulnerable | 2026-06-08 04:51:44.122375 |
Details available
Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow.
Published: 2010-08-26T20:00:00.000Z
Updated: 2024-08-07T06:38:30.343Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.