CVE-2021-45949

CVE	CVE-2021-45949
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-01-01 00:15:00 UTC
Updated	2023-11-07 03:39:00 UTC
Description	Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

Problem Types: CWE-787

Type	Vendor	Product	Version	Update	Edition	Language
Application	Artifex	Ghostscript	All	All	All	All
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	11.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All

Reference	Source	Link	Tags
[SECURITY] [DLA 2879-1] ghostscript security update	MLIST	lists.debian.org
Debian -- Security Information -- DSA-5038-1 ghostscript	DEBIAN	www.debian.org
34675 - oss-fuzz - OSS-Fuzz: Fuzzing the planet - Monorail	MISC	bugs.chromium.org
oss-fuzz-vulns/OSV-2021-803.yaml at main · google/oss-fuzz-vulns · GitHub	MISC	github.com
git.ghostscript.com Git - ghostpdl.git/commit	MISC	git.ghostscript.com
git.ghostscript.com Git		git.ghostscript.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

178989 Debian Security Update for ghostscript (DSA 5038-1)
179002 Debian Security Update for ghostscript (DLA 2879-1)
184837 Debian Security Update for ghostscript (CVE-2021-45949)
198630 Ubuntu Security Notification for Ghostscript Vulnerabilities (USN-5224-1)
671449 EulerOS Security Update for ghostscript (EulerOS-SA-2022-1426)
671477 EulerOS Security Update for ghostscript (EulerOS-SA-2022-1447)
671493 EulerOS Security Update for ghostscript (EulerOS-SA-2022-1484)
671541 EulerOS Security Update for ghostscript (EulerOS-SA-2022-1503)
671583 EulerOS Security Update for ghostscript (EulerOS-SA-2022-1533)
671676 EulerOS Security Update for ghostscript (EulerOS-SA-2022-1723)
751603 SUSE Enterprise Linux Security Update for ghostscript (SUSE-SU-2022:0081-1)
751605 OpenSUSE Security Update for ghostscript (openSUSE-SU-2022:0088-1)
751706 OpenSUSE Security Update for ghostscript (openSUSE-SU-2022:0088-2)
751991 SUSE Enterprise Linux Security Update for ghostscript (SUSE-SU-2022:0088-1)
753608 SUSE Enterprise Linux Security Update for ghostscript (SUSE-SU-2022:0088-3)