CVE-2025-59798

Published Sep 22, 2025

Last updated 6 months ago

CVSS medium 4.3

Overview

Description
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.
Source
cve@mitre.org
NVD status
Modified
Products
ghostscript

Risk scores

CVSS 3.1

Type
Primary
Base score
5.5
Impact score
3.6
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

cve@mitre.org
CWE-121

Social media

Hype score
Not currently trending

  1. ๐Ÿšจ CRITICAL UPDATE: #Fedora 42 Ghostscript security patch released for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 Read more: ๐Ÿ“ท https://t.co/rAk4ATCFvD #Security https://t.co/mWLOxMWJ6G

    @Cezar_H_Linux

    28 Jan 2026

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. New #Ubuntu Security Notice: USN-7904-1 addresses CVE-2025-59798/9 in Ghostscript. The flaw in file writing logic could lead to a service crash (Denial of Service). Read more: ๐Ÿ‘‰ https://t.co/yVn93IwVai #Security https://t.co/sHCQMtTt2f

    @Cezar_H_Linux

    3 Dec 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. openSUSE ships Ghostscript fixes for CVE-2025-59798/59799, stack-based overflows in PDF handling. Patch via zypper/YaST and move on with your day. #Linux https://t.co/XEQMSxLcYM

    @threatcluster

    20 Nov 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ๐Ÿšจ URGENT: #openSUSE Ghostscript security patches released for CVE-2025-59798 and CVE-2025-59799 Read more: ๐Ÿ‘‰ https://t.co/Gr2eeNRT6N #Security https://t.co/6uMAmjCGvf

    @Cezar_H_Linux

    20 Nov 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-59798 Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. https://t.co/U9YnKfZWZa

    @CVEnew

    22 Sept 2025

    488 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value.โ€ขCVE-2025-59799
  2. In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.โ€ขCVE-2025-59800
  3. In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954.โ€ขCVE-2025-46646
  4. An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.โ€ขCVE-2025-27837
  5. An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c.โ€ขCVE-2025-27836

References

Sources include official advisories and independent security research.