VDB

GCVE-VVD-MAGEIA-2025-22

GCVE-VVD-MAGEIA-2025-22
Advisory Published
Vulnetix · Advisory published February 25, 2025
libpoppler.so has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. (CVE-2024-56378)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaautohint-onoff0 (affected), 2.0-1.1.mga9 (unaffected)
Mageiaenki0 (affected), 22.08.0-1.1.mga9 (unaffected)
Mageiapyzo0 (affected), 4.12.0-2.1.mga9 (unaffected)
Mageiameteo-qt0 (affected), 3.3-2.1.mga9 (unaffected)
Mageiapoppler0 (affected), 23.02.0-1.4.mga9 (unaffected), 0 (affected), 23.02.0-1.4.mga9 (unaffected)

Aliases

CVE-2024-56378

Transitive aliases

VVD-CISA-2024-56378BELL-CVE-2024-56378BDU:2025-06968VVD-ANCHORE-2024-56378GHSA-h369-f67q-2q4cEUVD-2024-53136

References

Updated poppler packages fix security vulnerability
advisory
Updated poppler packages fix security vulnerability
advisory
Updated poppler packages fix security vulnerability
issue
Updated autohint-onoff, enki, pyzo & meteo-qt packages fix bug
advisory
Updated autohint-onoff, enki, pyzo & meteo-qt packages fix bug
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›