Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1026094?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "type": "deb", "namespace": "debian", "name": "ghostscript", "version": "10.0.0~dfsg-11+deb12u8", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "10.07.0~dfsg-2", "latest_non_vulnerable_version": "10.07.0~dfsg-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78280?format=api", "vulnerability_id": "VCID-1nh4-crmx-jfb5", "summary": "ghostscript: Integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38560.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01721", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01737", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01736", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01739", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01748", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01723", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38560" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224368", "reference_id": "2224368", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T18:44:07Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224368" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-38560", "reference_id": "CVE-2023-38560", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T18:44:07Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-38560" }, { "reference_url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c", "reference_id": "?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T18:44:07Z/" } ], "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=706898", "reference_id": "show_bug.cgi?id=706898", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T18:44:07Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706898" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026095?format=api", "purl": "pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.05.1~dfsg-1%252Bdeb13u1" } ], "aliases": [ "CVE-2023-38560" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1nh4-crmx-jfb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67455?format=api", "vulnerability_id": "VCID-k837-n44h-pkbm", "summary": "Artifex Ghostscript: Artifex Ghostscript: Denial of Service via crafted document processing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59800.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04372", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04419", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04451", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04436", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04396", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59800" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397226", "reference_id": "2397226", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397226" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=176cf0188a2294bc307b8caec876f39412e58350", "reference_id": "?id=176cf0188a2294bc307b8caec876f39412e58350", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:52:31Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=176cf0188a2294bc307b8caec876f39412e58350" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708602", "reference_id": "show_bug.cgi?id=708602", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:52:31Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708602" }, { "reference_url": "https://usn.ubuntu.com/7782-1/", "reference_id": "USN-7782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7782-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1055270?format=api", "purl": "pkg:deb/debian/ghostscript@10.07.0~dfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.07.0~dfsg-2" } ], "aliases": [ "CVE-2025-59800" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k837-n44h-pkbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69514?format=api", "vulnerability_id": "VCID-rdmp-hfbg-2kh5", "summary": "Ghostscript: Ghostscript Argument Sanitization Vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-48708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06732", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06678", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06713", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06747", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06746", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06739", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06633", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-48708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48708" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368134", "reference_id": "2368134", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368134" }, { "reference_url": "https://security.archlinux.org/ASA-202505-15", "reference_id": "ASA-202505-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202505-15" }, { "reference_url": "https://security.archlinux.org/AVG-2883", "reference_id": "AVG-2883", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2883" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=b587663c623b4462f9e78686a31fd880207303ee", "reference_id": "?id=b587663c623b4462f9e78686a31fd880207303ee", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-23T13:21:22Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=b587663c623b4462f9e78686a31fd880207303ee" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708446", "reference_id": "show_bug.cgi?id=708446", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-23T13:21:22Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708446" }, { "reference_url": "https://usn.ubuntu.com/7623-1/", "reference_id": "USN-7623-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7623-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026095?format=api", "purl": "pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.05.1~dfsg-1%252Bdeb13u1" } ], "aliases": [ "CVE-2025-48708" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdmp-hfbg-2kh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75006?format=api", "vulnerability_id": "VCID-t3n4-wrgr-bkdy", "summary": "ghostscript: ghostscript: arbitrary file read/write through Tesseract configuration", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29511.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29511.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.7365", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73685", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73698", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73719", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73701", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29511" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295648", "reference_id": "2295648", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295648" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2024/07/03/7", "reference_id": "7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-05T15:17:09Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2024/07/03/7" }, { "reference_url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=3d4cfdc1a44", "reference_id": "?p=ghostpdl.git%3Ba=commitdiff%3Bh=3d4cfdc1a44", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-05T15:17:09Z/" } ], "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=3d4cfdc1a44" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=707510", "reference_id": "show_bug.cgi?id=707510", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-05T15:17:09Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707510" }, { "reference_url": "https://usn.ubuntu.com/6897-1/", "reference_id": "USN-6897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6897-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026095?format=api", "purl": "pkg:deb/debian/ghostscript@10.05.1~dfsg-1%2Bdeb13u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.05.1~dfsg-1%252Bdeb13u1" } ], "aliases": [ "CVE-2024-29511" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t3n4-wrgr-bkdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96825?format=api", "vulnerability_id": "VCID-wzad-uxqp-63h3", "summary": "In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xps_unpredict_tiff in xpstiff.c because the samplesperpixel value is not checked.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03929", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04005", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03975", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03958", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03953", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03968", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0398", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03987", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59801" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=99727069197d548a8db69ba5d63f766bff40eaab", "reference_id": "?id=99727069197d548a8db69ba5d63f766bff40eaab", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:53:38Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=99727069197d548a8db69ba5d63f766bff40eaab" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708819", "reference_id": "show_bug.cgi?id=708819", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:53:38Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708819" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1055270?format=api", "purl": "pkg:deb/debian/ghostscript@10.07.0~dfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.07.0~dfsg-2" } ], "aliases": [ "CVE-2025-59801" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzad-uxqp-63h3" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67454?format=api", "vulnerability_id": "VCID-7anb-rnxg-97h8", "summary": "Artifex Ghostscript: Artifex Ghostscript: Denial of Service via stack-based buffer overflow in pdf_write_cmap", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59798.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59798.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03558", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03631", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03632", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03654", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03611", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03583", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03622", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59798" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116444", "reference_id": "1116444", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116444" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397225", "reference_id": "2397225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397225" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=0cae41b23a9669e801211dd4cf97b6dadd6dbdd7", "reference_id": "?id=0cae41b23a9669e801211dd4cf97b6dadd6dbdd7", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:54:24Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=0cae41b23a9669e801211dd4cf97b6dadd6dbdd7" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708539", "reference_id": "show_bug.cgi?id=708539", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:54:24Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708539" }, { "reference_url": "https://usn.ubuntu.com/7782-1/", "reference_id": "USN-7782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7782-1/" }, { "reference_url": "https://usn.ubuntu.com/7904-1/", "reference_id": "USN-7904-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7904-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-59798" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7anb-rnxg-97h8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56851?format=api", "vulnerability_id": "VCID-7u9a-5pkt-4fbf", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55637", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55608", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55634", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.5561", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55662", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55665", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55674", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55654", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46956" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325047", "reference_id": "2325047", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325047" }, { "reference_url": "https://security.gentoo.org/glsa/202501-06", "reference_id": "GLSA-202501-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-06" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f4151f12db32cd3ed26c24327de714bf2c3ed6ca", "reference_id": "?id=f4151f12db32cd3ed26c24327de714bf2c3ed6ca", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:58:48Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f4151f12db32cd3ed26c24327de714bf2c3ed6ca" }, { "reference_url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", "reference_id": "News.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:58:48Z/" } ], "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4362", "reference_id": "RHSA-2025:4362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7422", "reference_id": "RHSA-2025:7422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7499", "reference_id": "RHSA-2025:7499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7499" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=707895", "reference_id": "show_bug.cgi?id=707895", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:58:48Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707895" }, { "reference_url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/", "reference_id": "suse-su-20243942-1", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:58:48Z/" } ], "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" }, { "reference_url": "https://usn.ubuntu.com/7103-1/", "reference_id": "USN-7103-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7103-1/" }, { "reference_url": "https://usn.ubuntu.com/7138-1/", "reference_id": "USN-7138-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7138-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2024-46956" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7u9a-5pkt-4fbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58216?format=api", "vulnerability_id": "VCID-8wfs-knnp-8ub1", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which can lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27831.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27831.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27831", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48463", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48498", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48492", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48488", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48511", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48485", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48438", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27831" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27831", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27831" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354963", "reference_id": "2354963", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354963" }, { "reference_url": "https://security.gentoo.org/glsa/202508-02", "reference_id": "GLSA-202508-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202508-02" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708132", "reference_id": "show_bug.cgi?id=708132", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-26T13:39:16Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708132" }, { "reference_url": "https://usn.ubuntu.com/7378-1/", "reference_id": "USN-7378-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7378-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-27831" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8wfs-knnp-8ub1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56845?format=api", "vulnerability_id": "VCID-barv-t623-h3e5", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46951.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46951.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33919", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34057", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33912", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33955", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33987", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33985", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33942", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46951" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325043", "reference_id": "2325043", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325043" }, { "reference_url": "https://security.gentoo.org/glsa/202501-06", "reference_id": "GLSA-202501-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-06" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8", "reference_id": "?id=f49812186baa7d1362880673408a6fbe8719b4f8", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:49Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8" }, { "reference_url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", "reference_id": "News.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:49Z/" } ], "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4362", "reference_id": "RHSA-2025:4362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7422", "reference_id": "RHSA-2025:7422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7499", "reference_id": "RHSA-2025:7499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7499" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=707991", "reference_id": "show_bug.cgi?id=707991", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:49Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707991" }, { "reference_url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/", "reference_id": "suse-su-20243942-1", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:49Z/" } ], "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" }, { "reference_url": "https://usn.ubuntu.com/7103-1/", "reference_id": "USN-7103-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7103-1/" }, { "reference_url": "https://usn.ubuntu.com/7138-1/", "reference_id": "USN-7138-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7138-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2024-46951" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-barv-t623-h3e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58215?format=api", "vulnerability_id": "VCID-bnpf-udu2-hqbk", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which can lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27830.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27830.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27830", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07566", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07661", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07648", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07608", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07583", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07642", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27830" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354953", "reference_id": "2354953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354953" }, { "reference_url": "https://security.gentoo.org/glsa/202508-02", "reference_id": "GLSA-202508-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202508-02" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708241", "reference_id": "show_bug.cgi?id=708241", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-26T13:36:52Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708241" }, { "reference_url": "https://usn.ubuntu.com/7378-1/", "reference_id": "USN-7378-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7378-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-27830" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnpf-udu2-hqbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58221?format=api", "vulnerability_id": "VCID-c6ms-5wr2-kbfj", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which can lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27835.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07566", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07661", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07648", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07608", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07583", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07642", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27835" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354947", "reference_id": "2354947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354947" }, { "reference_url": "https://security.gentoo.org/glsa/202508-02", "reference_id": "GLSA-202508-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202508-02" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708131", "reference_id": "show_bug.cgi?id=708131", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-26T13:36:46Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708131" }, { "reference_url": "https://usn.ubuntu.com/7378-1/", "reference_id": "USN-7378-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7378-1/" }, { "reference_url": "https://usn.ubuntu.com/7623-1/", "reference_id": "USN-7623-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7623-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-27835" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6ms-5wr2-kbfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56847?format=api", "vulnerability_id": "VCID-eypv-n5ea-abgn", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46953.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46953.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30598", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30776", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30651", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30684", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30688", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30644", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46953" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325045", "reference_id": "2325045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325045" }, { "reference_url": "https://security.gentoo.org/glsa/202501-06", "reference_id": "GLSA-202501-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-06" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=1f21a45df0fa3abec4cff12951022b192dda3c00", "reference_id": "?id=1f21a45df0fa3abec4cff12951022b192dda3c00", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:32Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=1f21a45df0fa3abec4cff12951022b192dda3c00" }, { "reference_url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", "reference_id": "News.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:32Z/" } ], "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4362", "reference_id": "RHSA-2025:4362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7422", "reference_id": "RHSA-2025:7422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7499", "reference_id": "RHSA-2025:7499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7499" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=707793", "reference_id": "show_bug.cgi?id=707793", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:32Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707793" }, { "reference_url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/", "reference_id": "suse-su-20243942-1", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:59:32Z/" } ], "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" }, { "reference_url": "https://usn.ubuntu.com/7103-1/", "reference_id": "USN-7103-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7103-1/" }, { "reference_url": "https://usn.ubuntu.com/7138-1/", "reference_id": "USN-7138-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7138-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2024-46953" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eypv-n5ea-abgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58218?format=api", "vulnerability_id": "VCID-gv9z-e7t9-m7g6", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which can lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27832.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27832.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33871", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33938", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33936", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34009", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33863", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33906", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27832" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27832" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354949", "reference_id": "2354949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354949" }, { "reference_url": "https://security.gentoo.org/glsa/202508-02", "reference_id": "GLSA-202508-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202508-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21915", "reference_id": "RHSA-2025:21915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21915" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22869", "reference_id": "RHSA-2025:22869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23153", "reference_id": "RHSA-2025:23153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7586", "reference_id": "RHSA-2025:7586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7593", "reference_id": "RHSA-2025:7593", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7593" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8421", "reference_id": "RHSA-2025:8421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8421" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708133", "reference_id": "show_bug.cgi?id=708133", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-26T13:39:13Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708133" }, { "reference_url": "https://usn.ubuntu.com/7378-1/", "reference_id": "USN-7378-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7378-1/" }, { "reference_url": "https://usn.ubuntu.com/7623-1/", "reference_id": "USN-7623-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7623-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-27832" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gv9z-e7t9-m7g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79521?format=api", "vulnerability_id": "VCID-j6nh-rfbg-z7f7", "summary": "ghostscript: Improper release of objects in chunk_free_object during PCL to PDF conversion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1350.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1350.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53709", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53729", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53796", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53756", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.5373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53782", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53779", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53828", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53811", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1350" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075523", "reference_id": "2075523", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075523" }, { "reference_url": "https://bugs.ghostscript.com/attachment.cgi?id=22323", "reference_id": "attachment.cgi?id=22323", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:15:08Z/" } ], "url": "https://bugs.ghostscript.com/attachment.cgi?id=22323" }, { "reference_url": "https://vuldb.com/?id.197290", "reference_id": "?id.197290", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:15:08Z/" } ], "url": "https://vuldb.com/?id.197290" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=705156", "reference_id": "show_bug.cgi?id=705156", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:15:08Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=705156" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2022-1350" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6nh-rfbg-z7f7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56850?format=api", "vulnerability_id": "VCID-k2rj-x3d7-ryd2", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46955.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46955.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14803", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14608", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14697", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14756", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14717", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14678", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46955" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325042", "reference_id": "2325042", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325042" }, { "reference_url": "https://security.gentoo.org/glsa/202501-06", "reference_id": "GLSA-202501-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-06" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=85bd9d2f4b792fe67aef22f1a4117457461b8ba6", "reference_id": "?id=85bd9d2f4b792fe67aef22f1a4117457461b8ba6", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T19:58:59Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=85bd9d2f4b792fe67aef22f1a4117457461b8ba6" }, { "reference_url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", "reference_id": "News.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T19:58:59Z/" } ], "url": "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=707990", "reference_id": "show_bug.cgi?id=707990", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T19:58:59Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707990" }, { "reference_url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/", "reference_id": "suse-su-20243942-1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T19:58:59Z/" } ], "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" }, { "reference_url": "https://usn.ubuntu.com/7103-1/", "reference_id": "USN-7103-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7103-1/" }, { "reference_url": "https://usn.ubuntu.com/7138-1/", "reference_id": "USN-7138-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7138-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2024-46955" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k2rj-x3d7-ryd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96936?format=api", "vulnerability_id": "VCID-pnwf-fw4h-r3g3", "summary": "A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdf_ferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer dereference. It is possible to initiate the attack remotely. The identifier of the patch is 619a106ba4c4abed95110f84d5efcd7aee38c7cb. It is recommended to apply a patch to fix this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22684", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22641", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24291", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24262", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24329", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24373", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2439", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24348", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7462" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109270", "reference_id": "1109270", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109270" }, { "reference_url": "https://artifex.com/", "reference_id": "artifex.com", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T19:13:25Z/" } ], "url": "https://artifex.com/" }, { "reference_url": "https://vuldb.com/?ctiid.316113", "reference_id": "?ctiid.316113", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T19:13:25Z/" } ], "url": "https://vuldb.com/?ctiid.316113" }, { "reference_url": "https://vuldb.com/?id.316113", "reference_id": "?id.316113", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T19:13:25Z/" } ], "url": "https://vuldb.com/?id.316113" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=619a106ba4c4", "reference_id": "?id=619a106ba4c4", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T19:13:25Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=619a106ba4c4" }, { "reference_url": "https://vuldb.com/?submit.610173", "reference_id": "?submit.610173", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T19:13:25Z/" } ], "url": "https://vuldb.com/?submit.610173" }, { "reference_url": "https://usn.ubuntu.com/7782-1/", "reference_id": "USN-7782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7782-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-7462" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pnwf-fw4h-r3g3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67456?format=api", "vulnerability_id": "VCID-pvfx-6ymq-6qbf", "summary": "Artifex Ghostscript: From CVEorg collector", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59799.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03558", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03631", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03632", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03654", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03611", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03583", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03622", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59799" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116443", "reference_id": "1116443", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116443" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397227", "reference_id": "2397227", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397227" }, { "reference_url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=6dab38fb211f15226c242ab7a83fa53e4b0ff781", "reference_id": "?id=6dab38fb211f15226c242ab7a83fa53e4b0ff781", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:48:50Z/" } ], "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=6dab38fb211f15226c242ab7a83fa53e4b0ff781" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708517", "reference_id": "show_bug.cgi?id=708517", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T13:48:50Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708517" }, { "reference_url": "https://usn.ubuntu.com/7782-1/", "reference_id": "USN-7782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7782-1/" }, { "reference_url": "https://usn.ubuntu.com/7904-1/", "reference_id": "USN-7904-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7904-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-59799" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvfx-6ymq-6qbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75002?format=api", "vulnerability_id": "VCID-wtv2-9jx7-kkgz", "summary": "ghostscript: heap pointer leak in pdf_base_font_alloc()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29508.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29508.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10176", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10104", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10166", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10061", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10235", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10195", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29508" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295627", "reference_id": "2295627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295627" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2024/07/03/7", "reference_id": "7", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:49:12Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2024/07/03/7" }, { "reference_url": "https://git.ghostscript.com/?p=ghostpdl.git%3Bh=ff1013a0ab485b66783b70145e342a82c670906a", "reference_id": "?p=ghostpdl.git%3Bh=ff1013a0ab485b66783b70145e342a82c670906a", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:49:12Z/" } ], "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Bh=ff1013a0ab485b66783b70145e342a82c670906a" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=707510", "reference_id": "show_bug.cgi?id=707510", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:49:12Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707510" }, { "reference_url": "https://usn.ubuntu.com/6897-1/", "reference_id": "USN-6897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6897-1/" }, { "reference_url": "https://usn.ubuntu.com/7623-1/", "reference_id": "USN-7623-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7623-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2024-29508" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wtv2-9jx7-kkgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58222?format=api", "vulnerability_id": "VCID-x5ce-v7bc-ufam", "summary": "Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which can lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27836.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27836.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43371", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43376", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43403", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43391", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43399", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43337", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43389", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27836" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354952", "reference_id": "2354952", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354952" }, { "reference_url": "https://security.gentoo.org/glsa/202508-02", "reference_id": "GLSA-202508-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202508-02" }, { "reference_url": "https://bugs.ghostscript.com/show_bug.cgi?id=708192", "reference_id": "show_bug.cgi?id=708192", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-26T13:18:16Z/" } ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708192" }, { "reference_url": "https://usn.ubuntu.com/7378-1/", "reference_id": "USN-7378-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7378-1/" }, { "reference_url": "https://usn.ubuntu.com/7623-1/", "reference_id": "USN-7623-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7623-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026094?format=api", "purl": "pkg:deb/debian/ghostscript@10.0.0~dfsg-11%2Bdeb12u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nh4-crmx-jfb5" }, { "vulnerability": "VCID-k837-n44h-pkbm" }, { "vulnerability": "VCID-rdmp-hfbg-2kh5" }, { "vulnerability": "VCID-t3n4-wrgr-bkdy" }, { "vulnerability": "VCID-wzad-uxqp-63h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" } ], "aliases": [ "CVE-2025-27836" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ce-v7bc-ufam" } ], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ghostscript@10.0.0~dfsg-11%252Bdeb12u8" }