vulnerability

Red Hat: CVE-2025-32365: poppler: Out-of-Bounds Read in Poppler (Multiple Advisories)

Name: Red Hat: CVE-2025-32365: poppler: Out-of-Bounds Read in Poppler (Multiple Advisories)
Creator: Red Hat
Published: 2025-04-05T00:00:00.000Z

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:M/Au:N/C:N/I:N/A:P)

Published

Apr 5, 2025

Added

Jul 9, 2025

Modified

Jun 18, 2026

Description

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

Solutions

redhat-upgrade-popplerredhat-upgrade-poppler-cppredhat-upgrade-poppler-cpp-debuginforedhat-upgrade-poppler-cpp-develredhat-upgrade-poppler-debuginforedhat-upgrade-poppler-debugsourceredhat-upgrade-poppler-develredhat-upgrade-poppler-glibredhat-upgrade-poppler-glib-debuginforedhat-upgrade-poppler-glib-develredhat-upgrade-poppler-glib-docredhat-upgrade-poppler-qt5redhat-upgrade-poppler-qt5-debuginforedhat-upgrade-poppler-qt5-develredhat-upgrade-poppler-qt6redhat-upgrade-poppler-qt6-debuginforedhat-upgrade-poppler-qt6-develredhat-upgrade-poppler-utilsredhat-upgrade-poppler-utils-debuginfo

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report