icon

We found results for “

CVE-2025-43903

Good to know:

icon

Date: April 17, 2025

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.

Severity Score

Severity Score

Weakness Type (CWE)

Improper Verification of Cryptographic Signature

CWE-347

Top Fix

icon

Upgrade Version

Upgrade to version https://gitlab.freedesktop.org/poppler/poppler.git - poppler-25.04.0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): CHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

Do you need more information?

Contact Us