First published: Wed Sep 13 2023(Updated: )
It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-21710) It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2020-21890)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/ghostscript | <9.50~dfsg-5ubuntu4.10 | 9.50~dfsg-5ubuntu4.10 |
=20.04 | ||
All of | ||
ubuntu/libgs9 | <9.50~dfsg-5ubuntu4.10 | 9.50~dfsg-5ubuntu4.10 |
=20.04 | ||
All of | ||
ubuntu/ghostscript | <9.26~dfsg+0-0ubuntu0.18.04.18+esm2 | 9.26~dfsg+0-0ubuntu0.18.04.18+esm2 |
=18.04 | ||
All of | ||
ubuntu/libgs9 | <9.26~dfsg+0-0ubuntu0.18.04.18+esm2 | 9.26~dfsg+0-0ubuntu0.18.04.18+esm2 |
=18.04 | ||
All of | ||
ubuntu/ghostscript | <9.26~dfsg+0-0ubuntu0.16.04.14+esm7 | 9.26~dfsg+0-0ubuntu0.16.04.14+esm7 |
=16.04 | ||
All of | ||
ubuntu/libgs9 | <9.26~dfsg+0-0ubuntu0.16.04.14+esm7 | 9.26~dfsg+0-0ubuntu0.16.04.14+esm7 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for these Ghostscript vulnerabilities is CVE-2020-21710.
The severity of CVE-2020-21710 is not specified in the information provided.
An attacker could exploit CVE-2020-21710 by using a specially crafted PDF file to cause a denial of service.
The affected software versions are Ghostscript 9.50~dfsg-5ubuntu4.10, libgs9 9.50~dfsg-5ubuntu4.10, Ghostscript 9.26~dfsg+0-0ubuntu0.18.04.18+esm2, libgs9 9.26~dfsg+0-0ubuntu0.18.04.18+esm2, Ghostscript 9.26~dfsg+0-0ubuntu0.16.04.14+esm7, and libgs9 9.26~dfsg+0-0ubuntu0.16.04.14+esm7.
To fix the Ghostscript vulnerabilities, it is recommended to update to the latest version of the affected software packages as specified in the provided references.