Nixpkgs security tracker
Untriaged
Permalink
CVE-2023-38560
5.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Ghostscript: integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name
An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.
References
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
-
-
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=706898 x_transferred
-
Affected products
ghostscript
gimp:flatpak/ghostscript
Matching in nixpkgs
pkgs.ghostscriptX
PostScript interpreter (mainline version)
pkgs.ghostscript_headless
PostScript interpreter (mainline version)
pkgs.haskellPackages.ghostscript-parallel
Let Ghostscript render pages in parallel
Package maintainers
-
@tobim Tobias Mayer <nix@tobim.fastmail.fm>