GHSA-r4rq-7765-p57x

Опубликовано: 07 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4

Описание

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

Ссылки

EPSS

Процентиль: 23%

0.00079

Низкий

4 Medium

CVSS3

CVE ID

CVE-2025-32365

Дефекты

CWE-125

Связанные уязвимости

CVE-2025-32365

CVSS3: 4

ubuntu

10 месяцев назад

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

CVE-2025-32365

CVSS3: 4

redhat

10 месяцев назад

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

CVE-2025-32365

CVSS3: 4

nvd

10 месяцев назад

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

CVE-2025-32365

CVSS3: 4

debian

10 месяцев назад

Poppler before 25.04.0 allows crafted input files to trigger out-of-bo ...

RLSA-2026:0130

rocky

около 1 месяца назад

Moderate: poppler security update

EPSS

Процентиль: 23%

0.00079

Низкий

4 Medium

CVSS3

CVE ID

CVE-2025-32365

Дефекты

CWE-125