Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Poppler: Multiple Vulnerabilities — GLSA 202509-01

Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code.

Affected packages

Package app-text/poppler on all architectures
Affected versions < 25.06.0
Unaffected versions >= 25.06.0

Background

Poppler is a PDF rendering library based on the xpdf-3.0 code base.

Description

Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All Poppler users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-text/poppler-25.06.0"

References

Release date
September 17, 2025

Latest revision
September 17, 2025: 1

Severity
high

Exploitable
local

Bugzilla entries