Fluid Attacks Database

Description

A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.14	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
alpine v3.15	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
alpine v3.19	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
alpine v3.21	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
debian 12	ghostscript	>=0 <9.51~dfsg-1	9.51~dfsg-1
alpine v3.16	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
alpine v3.17	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
alpine v3.13	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
alpine v3.18	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0
alpine v3.20	ghostscript	=8.64-r0 \|\| =8.70-r0 \|\| =8.71-r0 \|\| =8.71-r1 \|\| =8.71-r2 \|\| =8.71-r3 \|\| =8.71-r4 \|\| =9.00-r0 \|\| =9.00-r1 \|\| =9.00-r2 \|\| =9.04-r0 \|\| =9.05-r0 \|\| =9.05-r1 \|\| =9.06-r0 \|\| =9.06-r1 \|\| =9.06-r2 \|\| =9.06-r3 \|\| =9.07-r0 \|\| =9.09-r0 \|\| =9.09-r1 \|\| =9.10-r0 \|\| =9.10-r1 \|\| =9.15-r0 \|\| =9.15-r1 \|\| =9.16-r0 \|\| =9.16-r1 \|\| =9.16-r2 \|\| =9.18-r0 \|\| =9.19-r0 \|\| =9.19-r1 \|\| =9.20-r0 \|\| =9.20-r1 \|\| =9.21-r0 \|\| =9.21-r1 \|\| =9.21-r2 \|\| =9.21-r3 \|\| =9.22-r0 \|\| =9.24-r0 \|\| =9.25-r0 \|\| =9.25-r1 \|\| =9.26-r0 \|\| =9.26-r1 \|\| =9.26-r2 \|\| =9.27-r0 \|\| =9.27-r1 \|\| =9.27-r2 \|\| =9.27-r3 \|\| =9.27-r4 \|\| =9.50-r0 \|\| >=0 <9.51-r0	9.51-r0

1-10 of 19

Aliases

1. CVE-2020-163032. NVD-2020-163033. OSV-ALPINE-2020-163034. OSV-2020-163035. OSV-DEBIAN-2020-163036. SECURITY-CVE-2020-163037. SECURITY-TRACKER-CVE-2020-16303

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.