CVE-2020-14373
published 2020-09-03CVE-2020-14373: A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | — | — |
| artifex | ghostscript | >= 0 < 9.26~dfsg-1 | 9.26~dfsg-1 |
| artifex | ghostscript | >= 0 < 9.26~dfsg-1 | 9.26~dfsg-1 |
| artifex | ghostscript | >= 0 < 9.26~dfsg-1 | 9.26~dfsg-1 |
| artifex | ghostscript | >= 0 < 9.26~dfsg-1 | 9.26~dfsg-1 |
| debian | ghostscript | < ghostscript 9.26~dfsg-1 (bookworm) | ghostscript 9.26~dfsg-1 (bookworm) |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM