Search for packages
| purl | pkg:alpm/archlinux/ghostscript@9.26-2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-21fq-z3n5-e3ez
Aliases: CVE-2019-3838 |
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. |
Affected by 0 other vulnerabilities. |
|
VCID-adj9-tka4-r7e4
Aliases: CVE-2019-3835 |
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-zfnv-gqqz-fbgx | In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. |
CVE-2019-6116
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-31T11:37:01.074764+00:00 | Arch Linux Importer | Fixing | VCID-zfnv-gqqz-fbgx | https://security.archlinux.org/AVG-860 | 37.0.0 |
| 2025-07-31T11:36:58.379421+00:00 | Arch Linux Importer | Affected by | VCID-adj9-tka4-r7e4 | https://security.archlinux.org/AVG-929 | 37.0.0 |
| 2025-07-31T11:36:58.351431+00:00 | Arch Linux Importer | Affected by | VCID-21fq-z3n5-e3ez | https://security.archlinux.org/AVG-929 | 37.0.0 |