CVE-2020-14373

Опубликовано: 03 сент. 2020

Источник: debian

EPSS Низкий

Описание

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ghostscript	fixed	9.26~dfsg-1		package
ghostscript	fixed	9.26~dfsg-0+deb9u1	stretch	package

Примечания

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ece5cbbd9979cd35737b00e68267762d72feb2ea
https://bugs.ghostscript.com/show_bug.cgi?id=702851

EPSS

Процентиль: 28%

0.00094

Низкий

Связанные уязвимости

CVE-2020-14373

CVSS3: 5.5

ubuntu

почти 5 лет назад

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

CVE-2020-14373

CVSS3: 5.5

redhat

почти 5 лет назад

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

CVE-2020-14373

CVSS3: 5.5

nvd

почти 5 лет назад

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

GHSA-qpgp-38q3-x9pp

github

около 3 лет назад

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

RLSA-2021:1852

rocky

около 4 лет назад

Moderate: ghostscript security, bug fix, and enhancement update

EPSS

Процентиль: 28%

0.00094

Низкий