Search for packages
Package details: pkg:deb/debian/ghostscript@10.05.1~dfsg-1
purl pkg:deb/debian/ghostscript@10.05.1~dfsg-1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-cv9z-tq9h-u7dq Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading (and writing of error messages to arbitrary files) via OCRLanguage. For example, exploitation can use debug_file /tmp/out and user_patterns_file /etc/passwd. CVE-2024-29511
VCID-f1pt-6dxq-zfe7 gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext. CVE-2025-48708
VCID-mq7g-44dd-qbbf An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. CVE-2023-38560

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-01T12:59:45.957845+00:00 Debian Importer Fixing VCID-mq7g-44dd-qbbf https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-01T12:52:39.254241+00:00 Debian Importer Fixing VCID-f1pt-6dxq-zfe7 https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-01T12:47:16.754249+00:00 Debian Importer Fixing VCID-cv9z-tq9h-u7dq https://security-tracker.debian.org/tracker/data/json 37.0.0