5.5
CVE-2025-59798
- EPSS 0.19%
- Veröffentlicht 22.09.2025 00:00:00
- Zuletzt bearbeitet 03.11.2025 18:17:01
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Artifex ≫ Ghostscript Version <= 10.05.1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.084 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| cve@mitre.org | 4.3 | 2.5 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
https://bugs.ghostscript.com/show_bug.cgi?id=708539
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=0cae41b23a9669e801211dd4cf97b6dadd6dbdd7
https://lists.debian.org/debian-lts-announce/2025/10/msg00010.html