vulnerability

Artifex Ghostscript: (CVE-2018-16540) Use-after-free in copydevice handling

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Sep 5, 2018	Oct 10, 2018	Aug 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Sep 5, 2018

Added

Oct 10, 2018

Modified

Aug 11, 2025

Description

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.

Solution

ghostscript-upgrade-9_24

References

CVE-2018-16540
https://attackerkb.com/topics/CVE-2018-16540
CWE-416
URL-https://bugs.ghostscript.com/show_bug.cgi?id=699661

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today