OESA-2022-1560
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1560
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1560.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-1560
- Upstream
- Published
- 2022-03-07T11:03:36Z
- Modified
- 2025-08-12T05:09:32.600576Z
- Summary
- ghostscript security update
- Details
-
Ghostscript is an interpreter for PostScript™ and Portable Document Format (PDF) files. Ghostscript consists of a PostScript interpreter layer, and a graphics library.
Security Fix(es):
A trivial sandbox (enabled with the
-dSAFERoption) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.(CVE-2021-3781) - Database specific
{ "severity": "Critical" }- References
Affected packages
openEuler:20.03-LTS-SP1 / ghostscript
Package
- Name
- ghostscript
- Purl
- pkg:rpm/openEuler/ghostscript&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.52-6.oe1
Ecosystem specific
{
"src": [
"ghostscript-9.52-6.oe1.src.rpm"
],
"aarch64": [
"ghostscript-9.52-6.oe1.aarch64.rpm",
"ghostscript-debuginfo-9.52-6.oe1.aarch64.rpm",
"ghostscript-debugsource-9.52-6.oe1.aarch64.rpm",
"ghostscript-devel-9.52-6.oe1.aarch64.rpm",
"ghostscript-tools-dvipdf-9.52-6.oe1.aarch64.rpm"
],
"x86_64": [
"ghostscript-devel-9.52-6.oe1.x86_64.rpm",
"ghostscript-9.52-6.oe1.x86_64.rpm",
"ghostscript-tools-dvipdf-9.52-6.oe1.x86_64.rpm",
"ghostscript-debuginfo-9.52-6.oe1.x86_64.rpm",
"ghostscript-debugsource-9.52-6.oe1.x86_64.rpm"
],
"noarch": [
"ghostscript-help-9.52-6.oe1.noarch.rpm"
]
}
openEuler:20.03-LTS-SP2 / ghostscript
Package
- Name
- ghostscript
- Purl
- pkg:rpm/openEuler/ghostscript&distro=openEuler-20.03-LTS-SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.52-7.oe1
Ecosystem specific
{
"src": [
"ghostscript-9.52-7.oe1.src.rpm"
],
"aarch64": [
"ghostscript-devel-9.52-7.oe1.aarch64.rpm",
"ghostscript-debugsource-9.52-7.oe1.aarch64.rpm",
"ghostscript-debuginfo-9.52-7.oe1.aarch64.rpm",
"ghostscript-9.52-7.oe1.aarch64.rpm",
"ghostscript-tools-dvipdf-9.52-7.oe1.aarch64.rpm"
],
"x86_64": [
"ghostscript-tools-dvipdf-9.52-7.oe1.x86_64.rpm",
"ghostscript-9.52-7.oe1.x86_64.rpm",
"ghostscript-devel-9.52-7.oe1.x86_64.rpm",
"ghostscript-debuginfo-9.52-7.oe1.x86_64.rpm",
"ghostscript-debugsource-9.52-7.oe1.x86_64.rpm"
],
"noarch": [
"ghostscript-help-9.52-7.oe1.noarch.rpm"
]
}
openEuler:20.03-LTS-SP3 / ghostscript
Package
- Name
- ghostscript
- Purl
- pkg:rpm/openEuler/ghostscript&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.52-7.oe1
Ecosystem specific
{
"src": [
"ghostscript-9.52-7.oe1.src.rpm"
],
"aarch64": [
"ghostscript-devel-9.52-7.oe1.aarch64.rpm",
"ghostscript-debugsource-9.52-7.oe1.aarch64.rpm",
"ghostscript-debuginfo-9.52-7.oe1.aarch64.rpm",
"ghostscript-9.52-7.oe1.aarch64.rpm",
"ghostscript-tools-dvipdf-9.52-7.oe1.aarch64.rpm"
],
"x86_64": [
"ghostscript-tools-dvipdf-9.52-7.oe1.x86_64.rpm",
"ghostscript-devel-9.52-7.oe1.x86_64.rpm",
"ghostscript-9.52-7.oe1.x86_64.rpm",
"ghostscript-debuginfo-9.52-7.oe1.x86_64.rpm",
"ghostscript-debugsource-9.52-7.oe1.x86_64.rpm"
],
"noarch": [
"ghostscript-help-9.52-7.oe1.noarch.rpm"
]
}