vulnerability
Ubuntu: USN-7623-1 (CVE-2025-48708): Ghostscript vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | May 23, 2025 | Jul 9, 2025 | Apr 16, 2026 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
May 23, 2025
Added
Jul 9, 2025
Modified
Apr 16, 2026
Description
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
Solutions
ubuntu-pro-upgrade-ghostscriptubuntu-pro-upgrade-ghostscript-xubuntu-pro-upgrade-libgs-devubuntu-pro-upgrade-libgs9ubuntu-pro-upgrade-libgs9-commonubuntu-upgrade-ghostscriptubuntu-upgrade-ghostscript-xubuntu-upgrade-libgs10ubuntu-upgrade-libgs9
References
- CVE-2025-48708
- https://attackerkb.com/topics/CVE-2025-48708
- CWE-212
- EUVD-EUVD-2025-28243
- UBUNTU-USN-7623-1
- http://www.openwall.com/lists/oss-security/2025/05/23/2
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-28243
- https://ubuntu.com/security/notices/USN-7623-1
- https://www.cve.org/CVERecord?id=CVE-2025-48708
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.