QwikSec

Security Database

CVE

CWE

Training

CVE-2025-7462

Published: Jul 12, 2025

Modified: Nov 3, 2025

PUBLISHED

CVSS v3.1

4.3

MEDIUM

Description

A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdf_ferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer dereference. It is possible to initiate the attack remotely. The identifier of the patch is 619a106ba4c4abed95110f84d5efcd7aee38c7cb. It is recommended to apply a patch to fix this issue.

Vendor	Product	Versions
Artifex	GhostPDL	affected `3989415a5b8e99b9d1b87cc9902bde9b7cdea145`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

References

VDB-316113 | Artifex GhostPDL New Output File Open Error gdevpdf.c pdf_ferror null pointer dereference

vdb-entry

technical-description

VDB-316113 | CTI Indicators (IOB, IOC, IOA)

signature

permissions-required

Submit #610173 | ArtifexSoftware GhostPDL 3989415a5b8e99b9d1b87cc9902bde9b7cdea145 NULL Pointer Dereference

third-party-advisory

https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=619a106ba4c4

patch

https://artifex.com/

product

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.