CVE-2025-32365

Опубликовано: 05 апр. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 4

Описание

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

Релиз	Статус	Примечание
devel	released	25.03.0-3
esm-infra/bionic	released	0.62.0-2ubuntu2.14+esm5
esm-infra/focal	released	0.86.1-0ubuntu1.6
esm-infra/xenial	released	0.41.0-0ubuntu1.16+esm6
focal	released	0.86.1-0ubuntu1.6
jammy	released	22.02.0-2ubuntu0.7
noble	released	24.02.0-1ubuntu9.3
oracular	released	24.08.0-1ubuntu0.2
plucky	released	25.03.0-3
upstream	released	25.04.0

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%

0.00079

Низкий

4 Medium

CVSS3

Связанные уязвимости

CVE-2025-32365

CVSS3: 4

redhat

10 месяцев назад

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

CVE-2025-32365

CVSS3: 4

nvd

10 месяцев назад

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

CVE-2025-32365

CVSS3: 4

debian

10 месяцев назад

Poppler before 25.04.0 allows crafted input files to trigger out-of-bo ...

RLSA-2026:0130

rocky

около 1 месяца назад

Moderate: poppler security update

RLSA-2026:0128

rocky

30 дней назад

Moderate: poppler security update

EPSS

Процентиль: 24%

0.00079

Низкий

4 Medium

CVSS3

CVE-2025-32365

Описание

Пакет poppler

Ссылки на источники

Связанные уязвимости