VYPR

rpm package

suse/poppler&distro=SUSE Manager Proxy LTS 4.3

pkg:rpm/suse/poppler&distro=SUSE%20Manager%20Proxy%20LTS%204.3

Vulnerabilities (3)

  • CVE-2025-52885MedOct 10, 2025
    affected < 0.79.0-150200.3.46.1fixed 0.79.0-150200.3.46.1

    Poppler ia a library for rendering PDF files, and examining or modifying their structure. A use-after-free (write) vulnerability has been detected in versions Poppler prior to 25.10.0 within the StructTreeRoot class. The issue arises from the use of raw pointers to elements of a

  • CVE-2025-43718LowOct 1, 2025
    affected < 0.79.0-150200.3.46.1fixed 0.79.0-150200.3.46.1

    Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetada

  • CVE-2025-50420Aug 4, 2025
    affected < 22.01.0-150400.3.38.1fixed 22.01.0-150400.3.38.1

    An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).