vulnerability

SUSE: CVE-2025-43718: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:N/I:N/A:P)
Published
Oct 24, 2025
Added
Dec 5, 2025
Modified
Dec 5, 2025

Description

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated functions in PDFDoc, with deep recursion in the regex executor (std::__detail::_Executor).

Solutions

suse-upgrade-libpoppler-cpp0suse-upgrade-libpoppler-cpp0-32bitsuse-upgrade-libpoppler-develsuse-upgrade-libpoppler-glib-develsuse-upgrade-libpoppler-glib8suse-upgrade-libpoppler-glib8-32bitsuse-upgrade-libpoppler-qt5-1suse-upgrade-libpoppler-qt5-1-32bitsuse-upgrade-libpoppler-qt5-develsuse-upgrade-libpoppler-qt6-3suse-upgrade-libpoppler-qt6-develsuse-upgrade-libpoppler126suse-upgrade-libpoppler135suse-upgrade-libpoppler135-32bitsuse-upgrade-libpoppler89suse-upgrade-poppler-toolssuse-upgrade-typelib-1_0-poppler-0_18

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today