An update for poppler is now available for openEuler-20.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-2074 Final 1.0 1.0 2025-08-22 Initial 2025-08-22 2025-08-22 openEuler SA Tool V1.0 2025-08-22 poppler security update An update for poppler is now available for openEuler-20.03-LTS-SP4 is a PDF rendering library. Security Fix(es): A vulnerability classified as problematic has been found in Freedesktop Poppler 25.04.0 (Document Reader Software).CWE is classifying the issue as CWE-674. The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.This is going to have an impact on availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.(CVE-2025-50420) An update for poppler is now available for openEuler-20.03-LTS-SP4. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium poppler https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2074 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-50420 https://nvd.nist.gov/vuln/detail/CVE-2025-50420 openEuler-20.03-LTS-SP4 poppler-0.90.0-13.oe2003sp4.aarch64.rpm poppler-cpp-0.90.0-13.oe2003sp4.aarch64.rpm poppler-cpp-devel-0.90.0-13.oe2003sp4.aarch64.rpm poppler-debuginfo-0.90.0-13.oe2003sp4.aarch64.rpm poppler-debugsource-0.90.0-13.oe2003sp4.aarch64.rpm poppler-devel-0.90.0-13.oe2003sp4.aarch64.rpm poppler-glib-0.90.0-13.oe2003sp4.aarch64.rpm poppler-glib-devel-0.90.0-13.oe2003sp4.aarch64.rpm poppler-qt5-0.90.0-13.oe2003sp4.aarch64.rpm poppler-qt5-devel-0.90.0-13.oe2003sp4.aarch64.rpm poppler-utils-0.90.0-13.oe2003sp4.aarch64.rpm poppler-0.90.0-13.oe2003sp4.src.rpm poppler-0.90.0-13.oe2003sp4.x86_64.rpm poppler-cpp-0.90.0-13.oe2003sp4.x86_64.rpm poppler-cpp-devel-0.90.0-13.oe2003sp4.x86_64.rpm poppler-debuginfo-0.90.0-13.oe2003sp4.x86_64.rpm poppler-debugsource-0.90.0-13.oe2003sp4.x86_64.rpm poppler-devel-0.90.0-13.oe2003sp4.x86_64.rpm poppler-glib-0.90.0-13.oe2003sp4.x86_64.rpm poppler-glib-devel-0.90.0-13.oe2003sp4.x86_64.rpm poppler-qt5-0.90.0-13.oe2003sp4.x86_64.rpm poppler-qt5-devel-0.90.0-13.oe2003sp4.x86_64.rpm poppler-utils-0.90.0-13.oe2003sp4.x86_64.rpm poppler-glib-doc-0.90.0-13.oe2003sp4.noarch.rpm poppler-help-0.90.0-13.oe2003sp4.noarch.rpm A vulnerability classified as problematic has been found in Freedesktop Poppler 25.04.0 (Document Reader Software).CWE is classifying the issue as CWE-674. The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.This is going to have an impact on availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. 2025-08-22 CVE-2025-50420 openEuler-20.03-LTS-SP4 Medium 6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H poppler security update 2025-08-22 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2074