Artifex: >> Ghostscript >> 9.25 Security Vulnerabilities
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
CVSS Score
7.8
EPSS Score
0.008
Published
2018-11-23
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
CVSS Score
9.8
EPSS Score
0.102
Published
2018-11-21
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
CVSS Score
8.6
EPSS Score
0.003
Published
2018-10-19
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
CVSS Score
6.3
EPSS Score
0.003
Published
2018-10-15
Page 8