Discovery API Icon
Discovery API
Security Advisory Icon
Security Advisory
Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2025-46646

Published: April 29, 2025Last modified: May 23, 2025

Description

In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954.

Severity score breakdown

ParameterValue
Base score4.5
Attack VectorLOCAL
Attack complexityHIGH
Privileges requiredNONE
User interactionNONE
ScopeCHANGED
ConfidentialityLOW
Integrity impactLOW
Availability impactNONE
VectorCVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSghostscriptFixed (10.01.2-r5)
StreamghostscriptFixed (10.05.0-r0)

References

ON THIS PAGE