Описание
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | |
| esm-infra/bionic | not-affected | |
| esm-infra/focal | not-affected | 9.50~dfsg-5ubuntu4.11 |
| esm-infra/xenial | not-affected | |
| focal | not-affected | 9.50~dfsg-5ubuntu4.11 |
| jammy | not-affected | 9.55.0~dfsg1-0ubuntu5.5 |
| mantic | not-affected | |
| noble | not-affected | |
| trusty | ignored | end of standard support |
Показывать по
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-a ...
EPSS
9.8 Critical
CVSS3