CVE-2025-32364

CWE-190Integer Overflow8 documents7 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 73.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Freedesktop Poppler
Timeline
PublishedApr 5
Latest updateApr 9

Description

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.5 | Impact: 1.4

Affected Packages3 packages

CVEListV5freedesktop/poppler< 25.04.0
NVDfreedesktop/poppler< 25.04.0
Debianpoppler< 20.09.0-3.1+deb11u2+3

Patches

Patch: gitlab.freedesktop.org

🔴Vulnerability Details

3
GHSA
GHSA-69gq-2xc5-f33j: A floating-point exception in the PSStack::roll function of Poppler before 252025-04-07
OSV
CVE-2025-32364: A floating-point exception in the PSStack::roll function of Poppler before 252025-04-05
CVEList
CVE-2025-32364: A floating-point exception in the PSStack::roll function of Poppler before 252025-04-05

📋Vendor Advisories

4
Ubuntu
poppler vulnerabilities2025-04-09
Ubuntu
poppler vulnerabilities2025-04-08
Red Hat
poppler: Floating-Point Exception in Poppler2025-04-05
Debian
CVE-2025-32364: poppler - A floating-point exception in the PSStack::roll function of Poppler before 25.04...2025
CVE-2025-32364 (MEDIUM CVSS 5.5) | A floating-point exception in the P | cvebase.io