CVE-2025-59799
published 2025-09-22CVE-2025-59799: Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value.
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | <= 10.05.1 | — |
| artifex | ghostscript | >= 0 < 9.53.3~dfsg-7+deb11u11 | 9.53.3~dfsg-7+deb11u11 |
| artifex | ghostscript | >= 0 < 10.0.0~dfsg-11+deb12u8 | 10.0.0~dfsg-11+deb12u8 |
| artifex | ghostscript | >= 0 < 10.05.1~dfsg-1+deb13u1 | 10.05.1~dfsg-1+deb13u1 |
| artifex | ghostscript | >= 0 < 10.06.0~dfsg-1 | 10.06.0~dfsg-1 |
| artifex | ghostscript | >= 0 < 9.55.0~dfsg1-0ubuntu5.13 | 9.55.0~dfsg1-0ubuntu5.13 |
| artifex | ghostscript | >= 0 < 10.02.1~dfsg1-0ubuntu7.8 | 10.02.1~dfsg1-0ubuntu7.8 |
| debian | ghostscript | < ghostscript 10.0.0~dfsg-11+deb12u8 (bookworm) | ghostscript 10.0.0~dfsg-11+deb12u8 (bookworm) |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM