Vulnerabilities > Artifex > Ghostscript > 6.01

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2019-6116 In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. 7.8
7.8
2019-01-02 CVE-2018-19478 Improper Input Validation vulnerability in multiple products
In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
local
low complexity
artifex debian CWE-20
5.5
5.5
2018-11-23 CVE-2018-19477 Incorrect Type Conversion or Cast vulnerability in multiple products
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
local
low complexity
artifex debian canonical redhat CWE-704
7.8
7.8
2018-11-23 CVE-2018-19476 Incorrect Type Conversion or Cast vulnerability in multiple products
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
local
low complexity
artifex debian canonical redhat CWE-704
7.8
7.8
2018-11-23 CVE-2018-19475 psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
local
low complexity
artifex debian canonical redhat
7.8
7.8
2018-11-21 CVE-2018-19409 An issue was discovered in Artifex Ghostscript before 9.26.
network
low complexity
artifex debian canonical redhat
critical
 9.8
9.8
2018-09-06 CVE-2018-16585 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Artifex Ghostscript before 9.24.
local
low complexity
artifex canonical debian CWE-119
7.8
7.8
2018-09-05 CVE-2018-16543 In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
local
low complexity
artifex canonical debian
7.8
7.8
2018-09-05 CVE-2018-16542 Out-of-bounds Write vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
local
low complexity
artifex redhat debian canonical CWE-787
5.5
5.5
2018-09-05 CVE-2018-16541 Use After Free vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
local
low complexity
artifex canonical debian redhat CWE-416
5.5
5.5