Fluid Attacks Database

Description

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	ghostscript	=9.53.3~dfsg-7 \|\| =9.53.3~dfsg-7+deb11u1 \|\| >=0 <9.53.3~dfsg-7+deb11u2	9.53.3~dfsg-7+deb11u2
debian 13	ghostscript	>=0 <9.55.0~dfsg-1	9.55.0~dfsg-1
debian 12	ghostscript	>=0 <9.55.0~dfsg-1	9.55.0~dfsg-1
debian 14	ghostscript	>=0 <9.55.0~dfsg-1	9.55.0~dfsg-1
rpm rhel8	ghostscript	-	-
rpm rhel7	ghostscript	-	-

Aliases

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.