CVE-2025-11896

EUVD-2025-34838
In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xpdf
bionic
needs-triage
jammy
needs-triage
noble
needs-triage
plucky
ignored
questing
needs-triage
resolute
needs-triage
xenial
ignored
ipe
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
needs-triage
plucky
ignored
questing
needs-triage
resolute
needs-triage
xenial
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libpoppler-cpp0
suse enterprise desktop 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise desktop 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP4
22.01.0-150400.3.44.1
fixed
suse enterprise server 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP7
24.03.0-150600.3.27.1
fixed
libpoppler-devel
suse enterprise desktop 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise desktop 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP4
22.01.0-150400.3.44.1
fixed
suse enterprise server 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP7
24.03.0-150600.3.27.1
fixed
libpoppler-glib-devel
suse enterprise desktop 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise desktop 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP4
22.01.0-150400.3.44.1
fixed
suse enterprise server 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP7
24.03.0-150600.3.27.1
fixed
libpoppler-glib8
suse enterprise desktop 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise desktop 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise server 12 SP3
0.43.0-16.70.1
fixed
suse enterprise server 15 SP4
22.01.0-150400.3.44.1
fixed
suse enterprise server 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP7
24.03.0-150600.3.27.1
fixed
libpoppler-qt4-4
suse enterprise server 12 SP3
0.43.0-16.70.1
fixed
libpoppler117
suse enterprise server 15 SP4
22.01.0-150400.3.44.1
fixed
libpoppler135
suse enterprise desktop 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise desktop 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP7
24.03.0-150600.3.27.1
fixed
libpoppler60
suse enterprise server 12 SP3
0.43.0-16.70.1
fixed
libpoppler89
suse enterprise desktop 15 SP7
0.79.0-150200.3.49.1
fixed
suse enterprise sap 15 SP7
0.79.0-150200.3.49.1
fixed
suse enterprise server 15 SP4
0.79.0-150200.3.49.1
fixed
suse enterprise server 15 SP7
0.79.0-150200.3.49.1
fixed
poppler-tools
suse enterprise desktop 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise desktop 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise server 12 SP3
0.43.0-16.70.1
fixed
suse enterprise server 15 SP4
22.01.0-150400.3.44.1
fixed
suse enterprise server 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP7
24.03.0-150600.3.27.1
fixed
typelib-1_0-Poppler-0_18
suse enterprise desktop 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise desktop 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise sap 15 SP7
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP4
22.01.0-150400.3.44.1
fixed
suse enterprise server 15 SP6
24.03.0-150600.3.27.1
fixed
suse enterprise server 15 SP7
24.03.0-150600.3.27.1
fixed
Common Weakness Enumeration
References
https://www.xpdfreader.com/security-bug/object-loops.html