Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

SUSE Ghostscript Moderate Threat Fix Denial of Service 2026-21363-1

suse
Calendar Grey April 28, 2026
Dist Suse Esm H88
Update for Ghostscript addresses six issues, enhancing security for SUSE users with moderate threats and fixes.
An update that solves six vulnerabilities can now be installed.

Summary

## This update for ghostscript fixes the following issues: Update to version 10.06.0. Security issues fixed: * CVE-2025-59800: an integer overflow can lead to a heap-based buffer overflow in ocr_line8 (bsc#1250355). * CVE-2025-59799: a large size value can cause a stack-based buffer overflow in pdfmark_coerce_dest (bsc#1250354). * CVE-2025-59798: stack-based buffer overflow in pdf_write_cmap can lead to a denial-of-service (bsc#1250353). * CVE-2025-48708: lacks of argument sanitization may lead to password disclosure (bsc#1243701). * CVE-2025-46646: mishandling of overlong utf-8 encoding in artifex ghostscript's decode_utf8 function (bsc#1257699). Other updates and bugfixes: * switch over to libalternatives for ghostscript to provide a gs variant (bsc#1245896) * Version upgrade to 10.06.0:

References

* bsc#1243701

* bsc#1245896

* bsc#1250353

* bsc#1250354

* bsc#1250355

* bsc#1257699

Cross-

* CVE-2025-46646

* CVE-2025-48708

* CVE-2025-59798

* CVE-2025-59799

* CVE-2025-59800

* CVE-2025-59801

CVSS scores:

* CVE-2025-46646 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

* CVE-2025-46646 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

* CVE-2025-48708 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

* CVE-2025-48708 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

* CVE-2025-48708 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

* CVE-2025-59798 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

* CVE-2025-59798 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Announcement ID: SUSE-SU-2026:21363-1
Release Date: 2026-04-21T09:49:39Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here