CNNVD-202512-4061 Information

CNNVD ID

CNNVD-202512-4061

Related CVE

CVE-2025-14408

• CNNVD Published: 2025-12-23

Description (Chinese)

Soda PDF Desktop是加拿大Soda公司的一个全功能PDF编辑软件。 Soda PDF Desktop存在缓冲区错误漏洞，该漏洞源于解析PDF文件时缺少对用户提供数据的验证，可能导致越界读取和信息泄露。

Description (English)

Soda PDF Desktop is a full-purpose PDF editing software for Soda Canada. Soda PDF Desktop had a buffer zone error loophole, which stemmed from the lack of validation of data provided by users when the PDF files were being deciphered and could lead to cross-border reading and information leaks.

Hazard Level

Critical

Vulnerability Type

缓冲区错误

Affected Vendor

Soda

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-1081/