CVE-2025-2574 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
GandC	CNA	---				---
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Debian Releases

Debian Product

Codename

xpdf

bullseye	3.04+git20210103-3 fixed
bookworm	3.04+git20220601-1 fixed
sid	3.04+git20250304-1 fixed
trixie	3.04+git20250304-1 fixed

Common Weakness Enumeration

CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://www.xpdfreader.com/security-bug/CVE-2025-2574.html