[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2017-0430":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":32,"duplicates":33,"related":34,"reserved_at":9,"published_at":44,"modified_at":45,"state":9,"summary":46,"references_raw":48,"kevs":65,"epss":9,"epss_history":66,"metrics":67,"affected":68},"MGASA-2017-0430","Updated ghostscript packages fix security vulnerabilities\n\nMultiple use-after-free vulnerabilities in the gx_image_enum_begin\nfunction in base/gxipixel.c in Ghostscript before\necceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause\na denial of service (application crash) or possibly have unspecified\nother impact via a crafted PostScript document. (CVE-2017-6196)\n\nInteger overflow in the mark_curve function in Artifex Ghostscript 9.21\nallows remote attackers to cause a denial of service (out-of-bounds\nwrite and application crash) or possibly have unspecified other impact\nvia a crafted PostScript document. (CVE-2017-7948)\n\nThe mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21\nallows remote attackers to cause a denial of service (out-of-bounds\nread) via a crafted PostScript document. (CVE-2017-8908)\n\nlibjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and\nGhostscript, has a NULL pointer dereference in the jbig2_huffman_get\nfunction in jbig2_huffman.c. For example, the jbig2dec utility will\ncrash (segmentation fault) when parsing an invalid file.\n(CVE-2017-9216)\n\nThe xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript\nGhostXPS 9.21 allows remote attackers to cause a denial of service\n(heap-based buffer over-read and application crash) or possibly have\nunspecified other impact via a crafted document. (CVE-2017-9610)\n\nThe xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript\nGhostXPS 9.21 allows remote attackers to cause a denial of service\n(buffer overflow and application crash) or possibly have unspecified\nother impact via a crafted document. (CVE-2017-9618)\n\nThe xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex\nGhostscript GhostXPS 9.21 allows remote attackers to cause a denial of\nservice (Segmentation Violation and application crash) via a crafted\nfile. (CVE-2017-9619)\n\nThe xps_select_font_encoding function in xps/xpsfont.c in Artifex\nGhostscript GhostXPS 9.21 allows remote attackers to cause a denial of\nservice (heap-based buffer over-read and application crash) or possibly\nhave unspecified other impact via a crafted document, related to the\nxps_encode_font_char_imp function. (CVE-2017-9620)\n\nThe xps_decode_font_char_imp function in xps/xpsfont.c in Artifex\nGhostscript GhostXPS 9.21 allows remote attackers to cause a denial of\nservice (heap-based buffer over-read and application crash) or possibly\nhave unspecified other impact via a crafted document. (CVE-2017-9740)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30],{"_key":15},"CVE-2017-6196",{"_key":17},"CVE-2017-7948",{"_key":19},"CVE-2017-8908",{"_key":21},"CVE-2017-9216",{"_key":23},"CVE-2017-9610",{"_key":25},"CVE-2017-9618",{"_key":27},"CVE-2017-9619",{"_key":29},"CVE-2017-9620",{"_key":31},"CVE-2017-9740",[],[],[35,36,37,38,39,40,41,42,43],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},"2017-11-29T18:52:42Z","2026-04-16T06:26:30.248526743Z",{"cisa_kev":47,"cisa_ransomware":47,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[49,55,60],{"url":50,"sources":51,"tags":53},"https://advisories.mageia.org/MGASA-2017-0430.html",[52],"osv_mageia",[54],"Advisory",{"url":56,"sources":57,"tags":58},"https://bugs.mageia.org/show_bug.cgi?id=22052",[52],[59],"REPORT",{"url":61,"sources":62,"tags":63},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2QUCMGMEGU4TK3I5424ZFZYFJHEQRF4P/",[52],[59,64],"WEB",[],[],[],[69,81],{"ecosystem":70,"name":71,"vendor":72,"product":71,"cpe_part":9,"purl_type":73,"purl_namespace":72,"purl_name":71,"source":9,"versions":74},"Mageia","ghostscript","mageia","rpm",[75],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},"lt9_22_1_mga5",true,"ecosystem","9.22-1.mga5","excluding",{"ecosystem":70,"name":71,"vendor":72,"product":71,"cpe_part":9,"purl_type":73,"purl_namespace":72,"purl_name":71,"source":9,"versions":82},[83],{"version":84,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":85,"version_end_type":80,"fixed_in":9},"lt9_22_1_mga6","9.22-1.mga6"]