Unrated severity · NVD Advisory · Published Apr 5, 2025 · Updated Nov 3, 2025
CVE-2025-32365
Description
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
Affected products (24)
- Range: < 25.04.0
- osv-coords, 22 versions:
  - pkg:rpm/almalinux/poppler (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-cpp (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-cpp-devel (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-devel (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-glib (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-glib-devel (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-glib-doc (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-qt5 (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-qt5-devel (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/almalinux/poppler-qt6 (no CPE), range: < 24.02.0-7.el10_1
  - pkg:rpm/almalinux/poppler-qt6-devel (no CPE), range: < 24.02.0-7.el10_1
  - pkg:rpm/almalinux/poppler-utils (no CPE), range: < 21.01.0-23.el9_7
  - pkg:rpm/opensuse/poppler&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 24.03.0-150600.3.10.1
  - pkg:rpm/opensuse/poppler&distro=openSUSE%20Tumbleweed (no CPE), range: < 25.04.0-1.1
  - pkg:rpm/opensuse/poppler-qt5&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 24.03.0-150600.3.10.1
  - pkg:rpm/opensuse/poppler-qt6&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 24.03.0-150600.3.10.1
  - pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 (no CPE), range: < 24.03.0-150600.3.10.1
  - pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6 (no CPE), range: < 24.03.0-150600.3.10.1
  - pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 (no CPE), range: < 0.43.0-16.55.1
  - pkg:rpm/suse/poppler-qt5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6 (no CPE), range: < 24.03.0-150600.3.10.1
  - pkg:rpm/suse/poppler-qt6&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6 (no CPE), range: < 24.03.0-150600.3.10.1
  - pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 (no CPE), range: < 0.43.0-16.55.1