Lucene search

K

Veracode Vulnerability DatabaseVERACODE:19636

HistoryMay 16, 2019 - 3:22 a.m.

Denial Of Service (DoS)

2019-05-1603:22:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

14

EPSS

0.01

Percentile

83.6%

Ghostscript is vulnerable to denial of service (DoS) attacks. This is because the .type operator does not properly validate its operands. A remote attacker could supply crafted PostScript to crash the interpreter impacting the availability.

References

git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0edd3d6c634a577db261615a9dc2719bca7f6e01

seclists.org/oss-sec/2018/q3/182

access.redhat.com/errata/RHSA-2018:3650

access.redhat.com/security/updates/classification/#important

bugs.ghostscript.com/show_bug.cgi?id=699659

lists.debian.org/debian-lts-announce/2018/09/msg00015.html

security.gentoo.org/glsa/201811-12

usn.ubuntu.com/3768-1/

www.artifex.com/news/ghostscript-security-resolved/

www.debian.org/security/2018/dsa-4288

EPSS

0.01

Percentile

83.6%

Related for VERACODE:19636

nvd1 debiancve1 prion1 redhatcve1 cvelist1 cve1 ubuntucve1 nessus25 openvas14 redhat1 centos1 oraclelinux2 ibm1 debian2 osv3 mageia1 amazon1 ubuntu1 suse2 gentoo1