CVE-2025-50420

Опубликовано: 04 авг. 2025

Источник: debian

Описание

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
poppler	fixed	25.03.0-6		package
poppler	fixed	25.03.0-5+deb13u2	trixie	package
poppler	no-dsa		bookworm	package
poppler	postponed		bullseye	package

Примечания

https://github.com/Landw-hub/CVE-2025-50420
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1613
https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1849
Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/08d7894e4dd0e313c179e30f06ad8f546619b1b3

Связанные уязвимости

CVE-2025-50420

CVSS3: 6.5

ubuntu

6 месяцев назад

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).

CVE-2025-50420

CVSS3: 6.5

nvd

6 месяцев назад

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).

SUSE-SU-2025:02791-1

suse-cvrf

6 месяцев назад

Security update for poppler

SUSE-SU-2025:02790-1

suse-cvrf

6 месяцев назад

Security update for poppler

SUSE-SU-2025:02789-1

suse-cvrf

6 месяцев назад

Security update for poppler