CNNVD-202507-092 Information
CNNVD ID
CNNVD-202507-092
Related CVE
- CNNVD Published: 2025-07-02
Description (Chinese)
Freedesktop Poppler是Freedesktop社区的一个用于生成PDF的C++类库,该库是从Xpdf(PDF阅读器)继承而来。 Freedesktop Poppler 25.06.0之前版本存在资源管理错误漏洞,该漏洞源于引用计数溢出,可能导致释放后重用。
Description (English)
Freedesktop Poppler is a C++ library for the production of PDF in the Freedesktop community, inherited from Xpdf (PDF reader). The previous version of Freedesktop Poppler 25.06.0 had an error in resource management, which stemmed from the spilling of quoted counts and could lead to reuse after release.
Hazard Level
High
Vulnerability Type
资源管理错误
Affected Vendor
Freedesktop
Published
2025-07-02
Last Modified
2026-02-24
References
https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581 https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203 https://securitylab.github.com/advisories/GHSL-2025-054_poppler/ https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5 https://vigilance.fr/vulnerability/poppler-use-after-free-dated-16-07-2025-47717 https://access.redhat.com/security/cve/cve-2025-52886
Patch
https://gitlab.freedesktop.org/poppler/poppler/-/tags
Share on: