CVE-2020-16305
Severity
5.5MEDIUM
EPSS
0.5%
top 35.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 13
Latest updateAug 23
Description
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages2 packages
Also affects: Debian Linux 10.0, 9.0, Ubuntu Linux 16.04, 18.04, 20.04
🔴Vulnerability Details
3GHSA▶
GHSA-qg85-mf6m-qq9x: A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v↗2022-05-24
OSV▶
CVE-2020-16305: A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v↗2020-08-13
CVEList▶
CVE-2020-16305: A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v↗2020-08-13
📋Vendor Advisories
4💬Community
2Bugzilla▶
CVE-2020-16305 ghostscript: buffer overflow in pcx_write_rle() in contrib/japanese/gdev10v.c could result in a DoS via a crafted PDF file [fedora-all]↗2020-08-19
Bugzilla▶
CVE-2020-16305 ghostscript: buffer overflow in pcx_write_rle() in contrib/japanese/gdev10v.c could result in a DoS↗2020-08-19