CNNVD-202508-409 Information

CNNVD ID

CNNVD-202508-409

Related CVE

CVE-2025-54869

• CNNVD Published: 2025-08-06

Description (Chinese)

FPDI是Setasign GmbH & Co. KG开源的一个PDF读取软件。 FPDI 2.6.2及之前版本存在安全漏洞，该漏洞源于处理用户提供PDF文件时内存耗尽，可能导致拒绝服务攻击。

Description (English)

FPDI is a PDF-reading software from Setasign GmbH & Co. KG Open Source. The FPDI 2.6.2 and previous versions had a security loophole, which stemmed from the depletion of the memory of users when they supplied PDF documents, which could lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Setasign GmbH & Co. KG

Published

2025-08-06

Last Modified

2026-02-24

References

https://github.com/Setasign/FPDI/security/advisories/GHSA-jxhh-4648-vpp3 https://github.com/Setasign/FPDI/commit/ba671ba9221cffd32c2dda87316c19f522a1c5f0 https://access.redhat.com/security/cve/cve-2025-54869

Patch

https://github.com/Setasign/FPDI/releases