Search for packages
| purl | pkg:deb/debian/poppler@25.03.0-5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5ynz-7776-3bbt | NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. |
CVE-2025-43903
|
| VCID-avnr-t9ny-vqam | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. |
CVE-2024-6239
|
| VCID-chds-xndj-tffu | Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue. |
CVE-2025-52886
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T13:05:02.040277+00:00 | Debian Importer | Fixing | VCID-5ynz-7776-3bbt | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |
| 2025-08-01T12:49:16.075746+00:00 | Debian Importer | Fixing | VCID-chds-xndj-tffu | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |
| 2025-08-01T12:12:30.438333+00:00 | Debian Importer | Fixing | VCID-avnr-t9ny-vqam | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |