GHSA-4w9g-4h2x-7qxq

Опубликовано: 18 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

Ссылки

EPSS

Процентиль: 1%

0.0001

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-43903

Дефекты

CWE-347

Связанные уязвимости

CVE-2025-43903

CVSS3: 4.3

ubuntu

8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

CVE-2025-43903

CVSS3: 4.3

redhat

8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

CVE-2025-43903

CVSS3: 4.3

nvd

8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

CVE-2025-43903

CVSS3: 4.3

debian

8 месяцев назад

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the ...

SUSE-SU-2025:1434-1

suse-cvrf

8 месяцев назад

Security update for poppler

EPSS

Процентиль: 1%

0.0001

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-43903

Дефекты

CWE-347