CVE-2020-16295: A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a…

medium5.5CVSS 3.1

AVLACLPRNUIRSUCNINAH

A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

Affected

11 ranges

Vendor	Product	Version range	Fixed in
artifex	ghostscript	< 9.52	9.52
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	ghostscript	< ghostscript 9.51~dfsg-1 (bookworm)	ghostscript 9.51~dfsg-1 (bookworm)

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

osv5.5MEDIUM