CVE-2020-16305: A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a…

medium5.5CVSS 3.1

AVLACLPRNUIRSUCNINAH

A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

Affected

21 ranges

Vendor	Product	Version range	Fixed in
artifex	ghostscript	< 9.51	9.51
artifex	ghostscript	—	—
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
artifex	ghostscript	>= 0 < 9.51~dfsg-1	9.51~dfsg-1
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	ghostscript	< ghostscript 9.51~dfsg-1 (bookworm)	ghostscript 9.51~dfsg-1 (bookworm)
debian	ghostscript	—	—
redhat	codeready_linux_builder	—	—
redhat	codeready_linux_builder_for_arm64	—	—
redhat	codeready_linux_builder_for_ibm_z_systems	—	—
redhat	codeready_linux_builder_for_power_little_endian	—	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux_for_arm_64	—	—
redhat	enterprise_linux_for_ibm_z_systems	—	—
redhat	enterprise_linux_for_power_little_endian	—	—

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

osv5.5MEDIUM