CVE-2018-19478

In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

History

21 Nov 2024, 03:57

Type Values Removed Values Added
References () http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0a7e5a1c309fa0911b892fa40996a7d55d90bace - () http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0a7e5a1c309fa0911b892fa40996a7d55d90bace -
References () http://www.securityfocus.com/bid/106445 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106445 - Third Party Advisory, VDB Entry
References () https://bugs.ghostscript.com/show_bug.cgi?id=699856 - Issue Tracking, Permissions Required, Third Party Advisory () https://bugs.ghostscript.com/show_bug.cgi?id=699856 - Issue Tracking, Permissions Required, Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=1655607 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=1655607 - Issue Tracking, Patch, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2018/12/msg00019.html - Third Party Advisory () https://lists.debian.org/debian-lts-announce/2018/12/msg00019.html - Third Party Advisory
References () https://www.ghostscript.com/doc/9.26/History9.htm - Release Notes () https://www.ghostscript.com/doc/9.26/History9.htm - Release Notes

07 Nov 2023, 02:55

Type Values Removed Values Added
References
  • {'url': 'http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0a7e5a1c309fa0911b892fa40996a7d55d90bace', 'name': 'http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0a7e5a1c309fa0911b892fa40996a7d55d90bace', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'CONFIRM'}
  • () http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0a7e5a1c309fa0911b892fa40996a7d55d90bace -

Information

Published : 2019-01-02 18:29

Updated : 2024-11-21 03:57


NVD link : CVE-2018-19478

Mitre link : CVE-2018-19478

CVE.ORG link : CVE-2018-19478


JSON object : View

Products Affected

debian

  • debian_linux

artifex

  • ghostscript
CWE
CWE-20

Improper Input Validation