Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-43903

Опубликовано: 18 апр. 2025
Источник: debian

Описание

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
popplerfixed25.03.0-4package
popplerno-dsabookwormpackage
popplerpostponedbullseyepackage

Примечания

  • Introduced with: https://gitlab.freedesktop.org/poppler/poppler/-/commit/c7c0207b1cfe49a4353d6cda93dbebef4508138f (poppler-0.42.0)

  • Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669 (poppler-25.04.0)

Связанные уязвимости

ubuntu логотип

CVE-2025-43903

CVSS3: 4.3
ubuntu
8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

redhat логотип

CVE-2025-43903

CVSS3: 4.3
redhat
8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

nvd логотип

CVE-2025-43903

CVSS3: 4.3
nvd
8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

suse-cvrf логотип

SUSE-SU-2025:1434-1

suse-cvrf
8 месяцев назад

Security update for poppler

github логотип

GHSA-4w9g-4h2x-7qxq

CVSS3: 4.3
github
8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.