Browse all 3 CVE security advisories affecting The ghostscript Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ghostscript serves as a critical interpreter for PostScript and PDF files, enabling rendering and processing across numerous applications and systems. Historically, it has been susceptible to remote code execution vulnerabilities due to unsafe PostScript language features, along with memory corruption flaws and privilege escalation issues through malicious input handling. The project maintains a moderate CVE count with three active records, reflecting ongoing security challenges. Notable incidents include past RCE vulnerabilities in versions prior to 9.50, where attackers could execute arbitrary code via specially crafted documents, highlighting the risks of processing untrusted input in a powerful interpreter environment.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-3839 | Artifex Software Ghostscript 权限许可和访问控制问题漏洞 — ghostscriptCWE-648 | 7.1 | - | 2019-05-16 |
| CVE-2019-3835 | Artifex Software Ghostscript 访问控制错误漏洞 — ghostscriptCWE-648 | 5.5 | - | 2019-03-25 |
| CVE-2019-3838 | Artifex Software Ghostscript 访问控制错误漏洞 — ghostscriptCWE-648 | 5.5 | - | 2019-03-25 |
This page lists every published CVE security advisory associated with The ghostscript Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.