ghostscript is vulnerable to denial of service (DoS). The vulnerability exists due to the buffer overflow in the image_render_color_thresh
function in base/gxicolor.c
, allowing a malicious user to crash the application via a crafted esp file.
git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209
bugs.ghostscript.com/show_bug.cgi?id=701816
lists.debian.org/debian-lts-announce/2020/08/msg00032.html
security-tracker.debian.org/tracker/CVE-2020-16304
security.gentoo.org/glsa/202008-20
usn.ubuntu.com/4469-1/
www.debian.org/security/2020/dsa-4748