CNNVD-202512-4063 Information

CNNVD ID

CNNVD-202512-4063

Related CVE

CVE-2025-14406

• CNNVD Published: 2025-12-23

Description (Chinese)

Soda PDF Desktop是加拿大Soda公司的一个全功能PDF编辑软件。 Soda PDF Desktop存在代码问题漏洞，该漏洞源于OpenSSL配置从不安全位置加载配置文件，可能导致本地权限提升。

Description (English)

Soda PDF Desktop is a full-purpose PDF editing software for Soda Canada. Soda PDF Desktop has a code gap, which stems from OpenSSL configuration loading the profile from unsafe locations, which may lead to an increase in local privileges.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Soda

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-1079/