ghostscript (SUSE:OpenStack Cloud 9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 9 package ghostscript, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2021-3781 — CVSS 9.9 (critical): A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted…
CVE-2020-15900 — CVSS 9.8 (critical): A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of…
CVE-2023-28879 — CVSS 9.8 (critical): In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript…
CVE-2023-36664 — CVSS 7.8 (high): Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character…