CVE-2025-32364

Published: Apr 5, 2025

Modified: Nov 3, 2025

PUBLISHED

CVSS v3.1

4.0

MEDIUM

Description

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.

Vendor	Product	Versions
freedesktop	Poppler	affected `0 - < 25.04.0`

Weaknesses (CWE)

CWE-190

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

References

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574

https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-32364

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References