cbcvebase.
CVE-2025-32364
published 2025-04-05

CVE-2025-32364: A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated…

PriorityP415medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
EPSS
0.22%
12.0th percentile
A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianpoppler< poppler 22.12.0-2+deb12u1 (bookworm)poppler 22.12.0-2+deb12u1 (bookworm)
freedesktoppoppler< 25.04.025.04.0
freedesktoppoppler>= 0 < 20.09.0-3.1+deb11u220.09.0-3.1+deb11u2
freedesktoppoppler>= 0 < 22.12.0-2+deb12u122.12.0-2+deb12u1
freedesktoppoppler>= 0 < 25.03.0-325.03.0-3
freedesktoppoppler>= 0 < 25.03.0-325.03.0-3

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM
vendor_debian4.0MEDIUM
vendor_redhat4.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.