Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HArtifex Ghostscript
APPArtifex≤ 9.20
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References
Related vulnerabilities
CVE-2025-27836CRITICAL9.8PL ✓ten sam produkt
Buffer overflow w urządzeniu BJ10V w Artifex Ghostscript
CVE-2025-27837CRITICAL9.8PL ✓ten sam produkt
Path Traversal w Artifex Ghostscript przez nieprawidłowe znaki UTF-8
CVE-2025-27832CRITICAL9.8PL ✓ten sam produkt
Buffer overflow w urządzeniu NPDL Artifex Ghostscript (kompresja)
CVE-2025-27831CRITICAL9.8PL ✓ten sam produkt
Buffer overflow w Artifex Ghostscript — urządzenie DOCXWRITE/TXTWRITE
CVE-2020-36773CRITICAL9.8PL ✓ten sam produkt
Artifex Ghostscript — out-of-bounds write i use-after-free w obsłudze txtwrite