Open Source Security mailing list

Open Source Security mailing list

@oss_security · Twitter ·

CVE-2025-48708: ghostscript can embed plaintext password in encrypted PDFs https://www.openwall.com/lists/oss-security/2025/05/23/2 the full command-line input, including the plaintext password, is embedded at the beginning of the generated PDF file