cbcvebase.
CVE-2025-59798
published 2025-09-22

CVE-2025-59798: Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.

medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.

Affected

8 ranges
VendorProductVersion rangeFixed in
artifexghostscript<= 10.05.1
artifexghostscript>= 0 < 9.53.3~dfsg-7+deb11u119.53.3~dfsg-7+deb11u11
artifexghostscript>= 0 < 10.0.0~dfsg-11+deb12u810.0.0~dfsg-11+deb12u8
artifexghostscript>= 0 < 10.05.1~dfsg-1+deb13u110.05.1~dfsg-1+deb13u1
artifexghostscript>= 0 < 10.06.0~dfsg-110.06.0~dfsg-1
artifexghostscript>= 0 < 9.55.0~dfsg1-0ubuntu5.139.55.0~dfsg1-0ubuntu5.13
artifexghostscript>= 0 < 10.02.1~dfsg1-0ubuntu7.810.02.1~dfsg1-0ubuntu7.8
debianghostscript< ghostscript 10.0.0~dfsg-11+deb12u8 (bookworm)ghostscript 10.0.0~dfsg-11+deb12u8 (bookworm)

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM