VulnerableCode Package Details - pkg:alpm/archlinux/ghostscript@9.50-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2r6t-auqv-mka5	A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.	CVE-2019-14869
VCID-42dq-y9xv-tydw	A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.	CVE-2019-14813
VCID-86px-1954-mugx	A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.	CVE-2019-14817
VCID-jc4x-udup-17g6	A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.	CVE-2019-14812
VCID-kv1g-tzf8-akc7	A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.	CVE-2019-14811

Vulnerability

Summary

Aliases

VCID-2r6t-auqv-mka5

A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.

CVE-2019-14869

VCID-42dq-y9xv-tydw

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

CVE-2019-14813

VCID-86px-1954-mugx

A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

CVE-2019-14817

VCID-jc4x-udup-17g6

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

CVE-2019-14812

VCID-kv1g-tzf8-akc7

A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

CVE-2019-14811

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T11:36:53.978298+00:00	Arch Linux Importer	Fixing	VCID-kv1g-tzf8-akc7	https://security.archlinux.org/AVG-1031	37.0.0
2025-07-31T11:36:53.949752+00:00	Arch Linux Importer	Fixing	VCID-jc4x-udup-17g6	https://security.archlinux.org/AVG-1031	37.0.0
2025-07-31T11:36:53.918133+00:00	Arch Linux Importer	Fixing	VCID-42dq-y9xv-tydw	https://security.archlinux.org/AVG-1031	37.0.0
2025-07-31T11:36:53.889327+00:00	Arch Linux Importer	Fixing	VCID-86px-1954-mugx	https://security.archlinux.org/AVG-1031	37.0.0
2025-07-31T11:36:53.735630+00:00	Arch Linux Importer	Fixing	VCID-2r6t-auqv-mka5	https://security.archlinux.org/AVG-1069	37.0.0