CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-59798 – Ubuntu Security Notice USN-7782-1
https://notcve.org/view.php?id=CVE-2025-59798
22 Sep 2025 — Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. It was discovered that Ghostscript incorrectly handled opening a file to write. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. It was discovered that Ghostscript incorrectly handled writing certain files. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. It was discovered that G... • https://bugs.ghostscript.com/show_bug.cgi?id=708539 • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-59799 – Debian Security Advisory 6024-1
https://notcve.org/view.php?id=CVE-2025-59799
22 Sep 2025 — Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed. For the oldstable distribution (bookworm), these problems have been fixed in version 10.0.0~dfsg-11+deb12u8. For the stable distribution (trix... • https://bugs.ghostscript.com/show_bug.cgi?id=708517 • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-59800 – Ubuntu Security Notice USN-7782-1
https://notcve.org/view.php?id=CVE-2025-59800
22 Sep 2025 — In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8. It was discovered that Ghostscript incorrectly handled opening a file to write. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. It was discovered that Ghostscript incorrectly handled writing certain files. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a ... • https://bugs.ghostscript.com/show_bug.cgi?id=708602 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.0 • EPSS: 0% • CPEs: 1 • EXPL: 1 • CVE-2025-48708 – Ubuntu Security Notice USN-7623-1
https://notcve.org/view.php?id=CVE-2025-48708
23 May 2025 — gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript through 10.05.0 lacks argument sanitization for the # case. gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext. It was discovered that OpenJPEG, vendored in Ghostscript did not correctly handle large image files. If a user or system were tricked into opening a specially crafted file, an attacker cou... • https://github.com/B1tBreaker/CVE-2025-48708 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 4.5 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-46646 – Ubuntu Security Notice USN-7473-1
https://notcve.org/view.php?id=CVE-2025-46646
26 Apr 2025 — In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path validation. • https://bugs.ghostscript.com/show_bug.cgi?id=708311 • CWE-24: Path Traversal: '../filedir' •
CVSS: 8.4 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2024-46952 – ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling
https://notcve.org/view.php?id=CVE-2024-46952
10 Nov 2024 — An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values). A flaw was found in Artifex Ghostscript's PDF XRef stream handling. This vulnerability allows a buffer overflow via crafted values in the W array of a PDF XRef stream. Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbi... • https://bugs.ghostscript.com/show_bug.cgi?id=708001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4 • EPSS: 0% • CPEs: 2 • EXPL: 0 • CVE-2024-46954 – ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
https://notcve.org/view.php?id=CVE-2024-46954
10 Nov 2024 — An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal. A flaw was found in Ghostscript/base/gp_utf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories. An update for thunderbird is now available for Red Hat Enterprise Linux 9. • https://bugs.ghostscript.com/show_bug.cgi?id=707788 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8 • EPSS: 0% • CPEs: 18 • EXPL: 0 • CVE-2024-46951 – ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
https://notcve.org/view.php?id=CVE-2024-46951
07 Nov 2024 — An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. A flaw was found in Artifex Ghostscript's psi/zcolor.c component. This vulnerability allows arbitrary code execution via an unchecked implementation pointer in the Pattern color space. This update for ghostscript fixes the following issues. • https://bugs.ghostscript.com/show_bug.cgi?id=707991 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8 • EPSS: 0% • CPEs: 18 • EXPL: 0 • CVE-2024-46953 – ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
https://notcve.org/view.php?id=CVE-2024-46953
07 Nov 2024 — An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. A flaw was found in Artifex Ghostscript base/gsdevice.c. This vulnerability allows path truncation, path traversal, and possible code execution via an integer overflow when parsing the filename format string for the output filename. This update for ghostscript fixes t... • https://bugs.ghostscript.com/show_bug.cgi?id=707793 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5 • EPSS: 0% • CPEs: 18 • EXPL: 0 • CVE-2024-46955 – Debian Security Advisory 5808-1
https://notcve.org/view.php?id=CVE-2024-46955
07 Nov 2024 — An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. This update for ghostscript fixes the following issues. Fixed arbitrary code execution via unchecked "Implementation" pointer in "Pattern" color space. Fixed integer overflow when parsing the page format results in path truncation, path traversal, code execution. • https://bugs.ghostscript.com/show_bug.cgi?id=707990 • CWE-125: Out-of-bounds Read •
