rpm package
suse/poppler&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-50420 | — | < 0.43.0-16.64.1 | 0.43.0-16.64.1 | Aug 4, 2025 | An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS). | ||
| CVE-2025-52886 | — | < 0.43.0-16.58.2 | 0.43.0-16.58.2 | Jul 2, 2025 | Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue. |
- CVE-2025-50420Aug 4, 2025affected < 0.43.0-16.64.1fixed 0.43.0-16.64.1
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).
- CVE-2025-52886Jul 2, 2025affected < 0.43.0-16.58.2fixed 0.43.0-16.58.2
Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.