CVE-2025-7462

4.3 MEDIUM
Published: July 12, 2025 Modified: November 03, 2025
View on NVD

Description

A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdf_ferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer dereference. It is possible to initiate the attack remotely. The identifier of the patch is 619a106ba4c4abed95110f84d5efcd7aee38c7cb. It is recommended to apply a patch to fix this issue.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://artifex.com/
Source: cna@vuldb.com
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=619a106ba4c4
Source: cna@vuldb.com
https://vuldb.com/?ctiid.316113
Source: cna@vuldb.com
https://vuldb.com/?id.316113
Source: cna@vuldb.com
https://vuldb.com/?submit.610173
Source: cna@vuldb.com
https://lists.debian.org/debian-lts-announce/2025/10/msg00010.html
Source: af854a3a-2127-422b-91ae-364da2661108

6 reference(s) from NVD

Quick Stats

CVSS v3 Score
4.3 / 10.0
EPSS (Exploit Probability)
0.0%
15th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-404 CWE-476

Related CVEs

CVE-2026-21652 N/A
CVE-2026-21651 N/A
CVE-2026-21650 N/A
CVE-2026-21649 N/A
CVE-2026-21648 N/A