21 matches found
TencentOS Server 4: poppler (TSSA-2025:0636)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0636 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
OESA-2025-2521 poppler security update
is a PDF rendering library. Security Fixes: NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.CVE-2025-43903...
Linux Distros Unpatched Vulnerability : CVE-2025-43903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...
SUSE: Security Advisory (SUSE-SU-2025:1434-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2025-1476 poppler security update
is a PDF rendering library. Security Fixes: NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.CVE-2025-43903...
MGASA-2025-0143 Updated poppler packages fix security vulnerability
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. CVE-2025-43903...
Mageia: Security Advisory (MGASA-2025-0143)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:1434-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: libpoppler-cpp0 / libpoppler-cpp0-32bit / libpoppler-devel / etc (SUSE-SU-2025:1434-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1434-1 advisory. - CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries. bsc1241620 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:1434-1 Security update for poppler
This update for poppler fixes the following issues: - CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries. bsc1241620...
Ubuntu: Security Advisory (USN-7471-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-43903
A flaw was found in Poppler. For signatures with non-empty encapsulated content, typically adbe.pkcs7.sha1, it would only compare hash values, and SignatureValue was never checked within SignerInfo. This issue could lead to signature forgeries...
CVE-2025-43903
creationtimestamp| type| source ---|---|--- 2025-04-18 21:59:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12550 2025-04-19 00:38:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ln4vhski3l2c 2025-04-19 00:56:37+00:00| seen| https://t.me/cvedetector/23354 2025-05-08...
CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...
CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...
CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...
CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...
CVE-2025-43903
Summary: CVE-2025-43903 affects Poppler NSSCryptoSignBackend.cc before 25.04.0, which does not verify adbe.pkcs7.sha1 signatures in PDF documents, enabling potential signature forgeries. What is affected: Poppler (NSSCryptoSignBackend.cc) in versions prior to 25.04.0. The vulnerability is describ...
CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...