CVE-2025-50422

medium

Description

An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump.

References

https://github.com/Landw-hub/CVE-2025-50422

http://poppler.com

http://freedesktop.com

Details

Source: Mitre, NVD

Published: 2025-08-04

Updated: 2025-08-04

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L