ghostscript-library (SUSE:Linux Enterprise Server 11 SP3-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 11 SP3-LTSS package ghostscript-library, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (13)
CVE-2016-7979 — CVSS 9.8 (critical): Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code…
CVE-2018-16540 — CVSS 7.8 (high): In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a…
CVE-2018-16511 — CVSS 7.8 (high): An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply…
CVE-2018-16513 — CVSS 7.8 (high): In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function…
CVE-2017-9611 — CVSS 7.8 (high): The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service…
CVE-2018-15910 — CVSS 7.8 (high): In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams…
CVE-2018-16509 — CVSS 7.8 (high): An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess…
CVE-2015-3228 — CVSS 6.8 (medium): Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a…
CVE-2018-16542 — CVSS 5.5 (medium): In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size…
CVE-2016-7977 — CVSS 5.5 (medium): Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files…
CVE-2018-16541 — CVSS 5.5 (medium): In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice…
CVE-2013-5653 — CVSS 5.5 (medium): The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a…