Artifex Afpl Ghostscript — known CVE vulnerabilities
Every CVE whose affected-product data names Artifex Afpl Ghostscript, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2009-4897 — CVSS 9.3 (critical): Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2009-3743 — CVSS 9.3 (critical): Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to…
CVE-2017-6196 — CVSS 7.8 (high): Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432…
CVE-2010-2055 — CVSS 7.2 (high): Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary…
CVE-2015-3228 — CVSS 6.8 (medium): Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a…
CVE-2013-5653 — CVSS 5.5 (medium): The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a…
CVE-2010-4054 — CVSS 4.3 (medium): The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and…