ghostscript (SUSE:Linux Enterprise Software Development Kit 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP2 package ghostscript, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2017-9612 — CVSS 7.8 (high): The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service…
CVE-2017-9726 — CVSS 7.8 (high): The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service…
CVE-2017-9727 — CVSS 7.8 (high): The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service…
CVE-2017-9739 — CVSS 7.8 (high): The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service…
CVE-2017-11714 — CVSS 7.8 (high): psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a…
CVE-2016-10317 — CVSS 7.8 (high): The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a…
CVE-2017-9835 — CVSS 7.8 (high): The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service…
CVE-2017-9216 — CVSS 6.5 (medium): libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function…
CVE-2017-7207 — CVSS 5.5 (medium): The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL…
CVE-2016-10219 — CVSS 5.5 (medium): The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service…
CVE-2016-10220 — CVSS 5.5 (medium): The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial…
CVE-2017-5951 — CVSS 5.5 (medium): The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial…
CVE-2013-5653 — CVSS 5.5 (medium): The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a…
CVE-2016-9601 — CVSS 5.3 (medium): ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_imag…