CVE-2025-48708

gslibctxstashsanitizedarg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the case. A created PDF document includes its password in cleartext...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.1, which stems from a lack of parameter cleanup that could lead ...

CVE-2025-48708

The CVE-2025-48708 entry is confirmed to affect Artifex Ghostscript and is not a placeholder. The issue is in gs_lib_ctx_stash_sanitized_arg (base/gslibctx.c) before 10.05.1, where argument sanitization for the # case is missing, allowing a created PDF to include its password in cleartext. Affect...

Oracle Linux 9 : ghostscript (ELSA-2025-7586)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7586 advisory. - RHEL-88966 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in...

CVE-2022-29851

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

CVE-2021-24684

The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript...

CVE-2017-15652

Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga imagemagick used that. The attack vector is: Someone must open a postscript file though...

ghostscript security update

9.54.0-19 - RHEL-88966 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow 9.54.0-18 - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in gdevprnopenprinterseekable - RHEL-67048 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Spac...

Oracle Linux 9 : ghostscript (ELSA-2025-7422)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7422 advisory. - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in gdevprnopenprinterseekable - RHEL-67048 CVE-2024-46951 ghostscript: Arbitrary Code Executi...

RHEL 9 : ghostscript (RHSA-2025:7586)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7586 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats ...

CVE-2003-0207

ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files...

CVE-1999-0155

The ghostscript command with the -dSAFER option allows remote attackers to execute commands...

ghostscript security update

9.54.0-18 - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in gdevprnopenprinterseekable - RHEL-67048 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space - RHEL-67053 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong...

RHSA-2025:7593 Red Hat Security Advisory: ghostscript security update

Bulletin has no description...

RHSA-2025:7586 Red Hat Security Advisory: ghostscript security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

Moderate: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...