Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-6f98-2v97-grfv

Опубликовано: 04 авг. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 6.5

Описание

An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump.

An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump.

EPSS

Процентиль: 1%
0.00013
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-244
CWE-617

Связанные уязвимости

CVSS3: 2.9
ubuntu
10 дней назад

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.

CVSS3: 3.3
redhat
10 дней назад

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.

CVSS3: 2.9
nvd
10 дней назад

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.

CVSS3: 2.9
debian
10 дней назад

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unsc ...

EPSS

Процентиль: 1%
0.00013
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-244
CWE-617