CVE-2025-50422

CVSS v3.1

2.9

Low

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions poppler version 25.04.0

Description The heap memory containing PDF stream objects is not cleared upon program exit, potentially allowing attackers to obtain sensitive PDF content via a memory dump.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617CWE-244

Related Identifiers

AZL-66159

AZL-67719

BDU:2025-11408

CVE-2025-50422

ECHO-7FD4-8457-9821

OPENSUSE-SU-2025:15457-1

OPENSUSE-SU-2026:20697-1

SUSE-SU-2025:02843-1

SUSE-SU-2025:03280-1

SUSE-SU-2025:03449-1

SUSE-SU-2025:03450-1

SUSE-SU-2025_03449-1

SUSE-SU-2026:21573-1

SUSE-SU-2026:21583-1

Affected Products

Debian

Red Os

Suse

Poppler

CVE-2025-50422

Weakness Enumeration

Related Identifiers

Affected Products

References · 41