Описание
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated functions in PDFDoc, with deep recursion in the regex executor (std::__detail::_Executor).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 25.03.0-10 |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | needs-triage | |
| esm-infra/xenial | needs-triage | |
| jammy | released | 22.02.0-2ubuntu0.11 |
| noble | released | 24.02.0-1ubuntu9.7 |
| plucky | released | 25.03.0-3ubuntu1.3 |
| questing | released | 25.03.0-10 |
| upstream | released | 25.03.0-10 |
Показывать по
2.9 Low
CVSS3
Связанные уязвимости
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated functions in PDFDoc, with deep recursion in the regex executor (std::__detail::_Executor).
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption a ...
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated functions in PDFDoc, with deep recursion in the regex executor (std::__detail::_Executor).
2.9 Low
CVSS3