CNNVD-202509-3615 Information

CNNVD ID

CNNVD-202509-3615

Related CVE

CVE-2025-59801

• CNNVD Published: 2025-09-22

Description (Chinese)

Artifex GhostXPS是美国Artifex开源的一个文档处理引擎。 Artifex GhostXPS 10.06.0之前版本存在安全漏洞，该漏洞源于未检查samplesperpixel值，可能导致基于栈的缓冲区溢出。

Description (English)

Artifex GhostXPS is a document processing engine for the United States Artifex Open Source. There was a security loophole in the previous version of Artifex GhostXPS 10.06.0, which originated from uninspected samplesperpixel values, which could lead to the spill-out of a fence-based buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Artifex

Published

2025-09-22

Last Modified

2026-02-24

References

https://bugs.ghostscript.com/show_bug.cgi?id=708819 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=99727069197d548a8db69ba5d63f766bff40eaab https://access.redhat.com/security/cve/cve-2025-59801

Patch

https://github.com/ArtifexSoftware/ghostpdl-downloads/releases