CVE-2020-36773
EUVD-2020-2421404.02.2024, 18:16
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| artifex | ghostscript | 9.51 |
| artifex | ghostscript | 9.52 |
| artifex | ghostscript | 9.52.1 |
| artifex | ghostscript | 9.53.0:rc1 |
| artifex | ghostscript | 9.53.0:rc2 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ghostscript |
| ||||||||||||||||||||||||
| ghostscript-devel |
| ||||||||||||||||||||||||
| ghostscript-x11 |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| ghostscript |
| ||
| ghostscript-cups |
| ||
| ghostscript-debuginfo |
| ||
| ghostscript-doc |
| ||
| ghostscript-gtk |
| ||
| libgs |
| ||
| libgs-devel |
|
Common Weakness Enumeration
References