https://bugs.ghostscript.com/attachment.cgi?id=22323

https://bugs.ghostscript.com/show_bug.cgi?id=705156

https://vuldb.com/?id.197290

NIST AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

NIST (AV:N/AC:M/Au:N/C:P/I:P/A:P)

NIST CWE-787

OR
     *cpe:2.3:a:artifex:ghostpcl:9.55.0:*:*:*:*:*:*:*

https://bugs.ghostscript.com/attachment.cgi?id=22323 No Types Assigned

https://bugs.ghostscript.com/attachment.cgi?id=22323 Permissions Required, Vendor Advisory

https://bugs.ghostscript.com/show_bug.cgi?id=705156 No Types Assigned

https://bugs.ghostscript.com/show_bug.cgi?id=705156 Permissions Required, Vendor Advisory

https://vuldb.com/?id.197290 No Types Assigned

https://vuldb.com/?id.197290 Third Party Advisory

Victim must voluntarily interact with attack mechanism

A vulnerability classified as problematic was found in Ghostscript 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue.

A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue.