Nixpkgs security tracker
Untriaged
Permalink
CVE-2020-27792
7.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.
References
-
-
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
-
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-listx_refsource_MLIST
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
-
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
-
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
-
-
-
-
-
-
-
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e… x_transferredx_refsource_MISC
-
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update x_transferredmailing-listx_refsource_MLIST
Affected products
ghostscript
- *
- ==9.27
Matching in nixpkgs
pkgs.ghostscriptX
PostScript interpreter (mainline version)
pkgs.ghostscript_headless
PostScript interpreter (mainline version)
pkgs.haskellPackages.ghostscript-parallel
Let Ghostscript render pages in parallel
Package maintainers
-
@tobim Tobias Mayer <nix@tobim.fastmail.fm>