VDB

MAGEIA-2025-134

MAGEIA-2025-134 PUBLISHED

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. (CVE-2025-32364) Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. (CVE-2025-32365)

Affected Products

VendorProductVersions
Mageiapoppler0, 23.02.0-1.5.mga9

Timeline

  • Apr 12, 2025 CVE Updated
  • Apr 12, 2025 CVE Published
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›