Vulnerabilities > Artifex > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-04 | CVE-2020-36773 | Use After Free vulnerability in Artifex Ghostscript Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature). | 9.8 |
| 2023-04-17 | CVE-2021-33797 | Integer Overflow or Wraparound vulnerability in Artifex Mujs Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. | 9.8 |
| 2023-03-31 | CVE-2023-28879 | Out-of-bounds Write vulnerability in multiple products In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. | 9.8 |
| 2022-02-16 | CVE-2021-3781 | OS Command Injection vulnerability in multiple products A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. | 9.9 |
| 2022-02-14 | CVE-2021-45005 | Out-of-bounds Write vulnerability in Artifex Mujs 1.1.3 Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. | 9.8 |
| 2020-07-28 | CVE-2020-15900 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. | 9.8 |
| 2020-04-27 | CVE-2020-12268 | Out-of-bounds Write vulnerability in multiple products jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. | 9.8 |
| 2019-09-06 | CVE-2019-14813 | Incorrect Authorization vulnerability in multiple products A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 9.8 |
| 2019-06-13 | CVE-2019-7321 | Use of Uninitialized Resource vulnerability in Artifex Mupdf 1.14.0 Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code. | 9.8 |
| 2019-06-13 | CVE-2019-12798 | Incorrect Regular Expression vulnerability in Artifex Mujs 1.0.5 An issue was discovered in Artifex MuJS 1.0.5. | 9.8 |