VDB
ALPINE-CVE-2018-19475
ALPINE-CVE-2018-19475
PUBLISHED
CVSS 7.800000190734863 HIGH
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
Risk Scores
CVSS v3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.12 | ghostscript | 0, 8.64-r0, 8.70-r0 |
| Alpine:v3.5 | ghostscript | 9.05-r0, 9.25-r0, 9.24-r0 |
| Alpine:v3.11 | ghostscript | 8.71-r4, 9.25-r0, 9.24-r0 |
| Alpine:v3.14 | ghostscript | 9.16-r2, 9.16-r1, 9.16-r0 |
| Alpine:v3.19 | ghostscript | 0, 9.25-r1, 9.25-r0 |
| Alpine:v3.8 | ghostscript | 8.71-r3, 9.16-r2, 9.16-r1 |
| Alpine:v3.21 | ghostscript | 9.05-r1, 8.64-r0, 8.70-r0 |
| Alpine:v3.9 | ghostscript | 9.16-r1, 9.18-r0, 9.19-r0 |
| Alpine:v3.22 | ghostscript | 9.22-r0, 9.06-r0, 9.06-r1 |
| Alpine:v3.10 | ghostscript | 9.06-r2, 9.16-r1, 9.16-r0 |
| Alpine:v3.23 | ghostscript | 9.00-r1, 0, 8.64-r0 |
| Alpine:v3.7 | ghostscript | 9.16-r1, 9.06-r0, 9.06-r1 |
| Alpine:v3.20 | ghostscript | 8.71-r1, 0, 8.64-r0 |
| Alpine:v3.6 | ghostscript | 9.16-r1, 9.25-r1, 9.25-r0 |
| Alpine:v3.16 | ghostscript | 9.10-r1, 0, 8.64-r0 |
| Alpine:v3.17 | ghostscript | 0, 9.25-r1, 9.25-r0 |
| Alpine:v3.18 | ghostscript | 9.05-r1, 9.06-r0, 9.06-r1 |
| Alpine:v3.15 | ghostscript | 9.05-r1, 9.25-r1, 9.25-r0 |
| Alpine:v3.13 | ghostscript | 9.16-r2, 9.06-r1, 9.06-r2 |
Timeline
- Nov 23, 2018 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch