CVE-2025-24671

Name of the Vulnerable Software and Affected Versions Pdfcrowd Save as PDF plugin versions n/a through 4.4.0

Description The issue is related to the deserialization of untrusted data, allowing object injection in the Pdfcrowd Save as PDF plugin. This enables potential attackers to inject objects, which could lead to further exploitation.

Recommendations For versions n/a through 4.4.0, update to a version later than 4.4.0 to resolve the issue. As a temporary workaround, consider disabling the deserialization of untrusted data functionality until a patch is available. Restrict access to the plugin to minimize the risk of exploitation.