In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libgs9-dbgsym": "9.10~dfsg-0ubuntu10.13", "ghostscript-dbgsym": "9.10~dfsg-0ubuntu10.13", "ghostscript-dbg": "9.10~dfsg-0ubuntu10.13", "ghostscript-doc": "9.10~dfsg-0ubuntu10.13", "ghostscript-x": "9.10~dfsg-0ubuntu10.13", "libgs9": "9.10~dfsg-0ubuntu10.13", "ghostscript-x-dbgsym": "9.10~dfsg-0ubuntu10.13", "libgs-dev-dbgsym": "9.10~dfsg-0ubuntu10.13", "libgs9-common": "9.10~dfsg-0ubuntu10.13", "ghostscript": "9.10~dfsg-0ubuntu10.13", "libgs-dev": "9.10~dfsg-0ubuntu10.13" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libgs9-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-dbg": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-doc": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-x": "9.18~dfsg~0-0ubuntu2.9", "libgs9": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-x-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "libgs-dev-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "libgs9-common": "9.18~dfsg~0-0ubuntu2.9", "ghostscript": "9.18~dfsg~0-0ubuntu2.9", "libgs-dev": "9.18~dfsg~0-0ubuntu2.9" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "ghostscript-dbg": "9.22~dfsg+1-0ubuntu1.2", "ghostscript-doc": "9.22~dfsg+1-0ubuntu1.2", "ghostscript-x": "9.22~dfsg+1-0ubuntu1.2", "libgs9": "9.22~dfsg+1-0ubuntu1.2", "libgs-dev": "9.22~dfsg+1-0ubuntu1.2", "libgs9-common": "9.22~dfsg+1-0ubuntu1.2", "ghostscript": "9.22~dfsg+1-0ubuntu1.2" } ] }