Vulnerabilities > Artifex

DATE CVE VULNERABILITY TITLE RISK
2023-04-17 CVE-2021-33797 Integer Overflow or Wraparound vulnerability in Artifex Mujs
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1.
network
low complexity
artifex CWE-190
critical
 9.8
9.8
2023-03-31 CVE-2023-28879 Out-of-bounds Write vulnerability in multiple products
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c.
network
low complexity
artifex debian CWE-787
critical
 9.8
9.8
2022-11-23 CVE-2022-44789 Out-of-bounds Write vulnerability in multiple products
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.
network
low complexity
artifex debian fedoraproject CWE-787
8.8
8.8
2022-08-19 CVE-2020-27792 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file.
local
low complexity
artifex debian CWE-119
7.1
7.1
2022-06-16 CVE-2022-2085 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory.
local
low complexity
artifex fedoraproject CWE-476
5.5
5.5
2022-05-18 CVE-2022-30974 Uncontrolled Recursion vulnerability in multiple products
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.
local
low complexity
artifex debian fedoraproject CWE-674
5.5
5.5
2022-05-18 CVE-2022-30975 NULL Pointer Dereference vulnerability in multiple products
In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp.
local
low complexity
artifex debian fedoraproject CWE-476
5.5
5.5
2022-04-25 CVE-2019-25059 Artifex Ghostscript through 9.26 mishandles .completefont.
local
low complexity
artifex debian
7.8
7.8
2022-04-14 CVE-2022-1350 Out-of-bounds Write vulnerability in Artifex Ghostpcl 9.55.0
A vulnerability classified as problematic was found in GhostPCL 9.55.0.
network
artifex CWE-787
6.8
6.8
2022-02-16 CVE-2021-3781 OS Command Injection vulnerability in multiple products
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command.
network
low complexity
artifex fedoraproject CWE-78
critical
 9.9
9.9