SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2025:3779-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3779-1 advisory. - CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processin...

CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...