Landw-Hub

**Name of the Vulnerable Software and Affected Versions** poppler version 25.04.0 **Description** The heap memory containing PDF stream objects is not cleared upon program exit, potentially allowing attackers to obtain sensitive PDF content via a memory dump. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Artifex mupdf versions 1.25.5 through 1.25.6 **Description** An issue in Artifex mupdf allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. This occurs when processing a crafted PDF file containing cyclic /Next references in the outline structure, causing the `strip outline()` function to enter infinite recursion. **Recommendations** Artifex mupdf version 1.25.5: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Artifex mupdf version 1.25.6: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** freedesktop poppler version 25.04.0 **Description** An issue in the `pdfseparate` utility allows attackers to cause an infinite recursion by supplying a crafted PDF file, potentially leading to a Denial of Service (DoS). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.