Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:03461-1

Опубликовано: 07 окт. 2025
Источник: suse-cvrf

Описание

Security update for ghostscript

This update for ghostscript fixes the following issues:

  • CVE-2025-48708: Fixed password disclosure due to lacks of argument sanitization (bsc#1243701)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6
ghostscript-9.52-150000.206.1
ghostscript-devel-9.52-150000.206.1
ghostscript-x11-9.52-150000.206.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
ghostscript-9.52-150000.206.1
ghostscript-devel-9.52-150000.206.1
ghostscript-x11-9.52-150000.206.1
openSUSE Leap 15.6
ghostscript-9.52-150000.206.1
ghostscript-devel-9.52-150000.206.1
ghostscript-x11-9.52-150000.206.1

Ссылки

Описание

gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-9.52-150000.206.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-devel-9.52-150000.206.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-x11-9.52-150000.206.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:ghostscript-9.52-150000.206.1
Ссылки
Уязвимость SUSE-SU-2025:03461-1