CVE-2025-59798

CWE-121Stack-based Buffer Overflow9 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Artifex Ghostscript
Timeline
PublishedSep 22
Latest updateDec 3

Description

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 2.5 | Impact: 1.4

Affected Packages4 packages

CVEListV5artifex/ghostscript10.05.1
NVDartifex/ghostscript10.05.1
Debianghostscript< 9.53.3~dfsg-7+deb11u11+3
Ubuntughostscript< 9.55.0~dfsg1-0ubuntu5.13+1

Patches

Patch: cgit.ghostscript.com

🔴Vulnerability Details

4
OSV
ghostscript vulnerabilities2025-09-29
OSV
CVE-2025-59798: Artifex Ghostscript through 102025-09-22
CVEList
CVE-2025-59798: Artifex Ghostscript through 102025-09-22
GHSA
GHSA-6q6w-ff4v-hgr5: Artifex Ghostscript through 102025-09-22

📋Vendor Advisories

4
Ubuntu
Ghostscript vulnerabilities2025-12-03
Ubuntu
Ghostscript vulnerabilities2025-09-29
Red Hat
Artifex Ghostscript: Artifex Ghostscript: Denial of Service via stack-based buffer overflow in pdf_write_cmap2025-09-22
Debian
CVE-2025-59798: ghostscript - Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_wri...2025
CVE-2025-59798 (MEDIUM CVSS 5.5) | Artifex Ghostscript through 10.05.1 | cvebase.io