CVE Tools

CVE-2025-52885

GHSL-2025-042: Poppler has Use-After-Free

Published: Oct 10, 2025Updated: Nov 4, 2025 Sources: CVE List NVD BDUCWE-416

No Known Exploits

Patch Available

Description

Poppler ia a library for rendering PDF files, and examining or modifying their structure. A use-after-free (write) vulnerability has been detected in versions Poppler prior to 25.10.0 within the StructTreeRoot class. The issue arises from the use of raw pointers to elements of a `std::vector`, which can lead to dangling pointers when the vector is resized. The vulnerability stems from the way that refToParentMap stores references to `std::vector` elements using raw pointers. These pointers may become invalid when the vector is resized. This vulnerability is a common security problem involving the use of raw pointers to `std::vectors`. Internally, `std::vector `stores its elements in a dynamically allocated array. When the array reaches its capacity and a new element is added, the vector reallocates a larger block of memory and moves all the existing elements to the new location. At this point if any pointers to elements are stored before a resize occurs, they become dangling pointers once the reallocation happens. Version 25.10.0 contains a patch for the issue.

CVSS Vector Breakdown

Exploitability

AV:LAccess Vector

Local

AC:LAccess Complexity

Low

Impact

C:LConfidentiality

L

I:LIntegrity

L

A:HAvailability

H

Open in CVSS calculator →

Weaknesses

Affected Products

poppler poppler

Library

OSS Libraries / generic-library

Astra Linux Special Edition ООО «РусБИТех-Астра»

On-premOS

Operating Systems / linux-distro

Poppler Сообщество свободного программного обеспечения

LibraryLibrary

OSS Libraries / generic-library

poppleross-projectOSS Librariesaka poppler-utils

ооо «русбитех-астра»commercialRUOperating Systemsaka rusbitech-astra

сообщество свободного программного обеспеченияoss-projectOperating Systemsaka сообщество свободного программного обеспечения, fsf

Attack Graph

Products CVE Techniques Tactics

Click technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.

Exploitability

Official Patch Available

MITRE ATT&CK

2 techniques

Initial Access

Privilege Escalation

View detailed technique mapping

References

https://securitylab.github.com/advisories/GHSL-2025-042_poppler/

securitylab.github.com

https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884

gitlab.freedesktop.org

https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884#note_3114334

gitlab.freedesktop.org

and 9 more references View all →

Timeline

Published

Oct 10, 2025

Last Updated

Nov 4, 2025

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2025-52885 and every CVE in our database. Create a free account — no credit card required.

Create Free Account

Plain-language analysis

Impact assessment and exploitation scenario in plain English

Attack graph visualization

Interactive attack path and kill chain mapping

Exploit details & PoC links

ExploitDB, Metasploit, GitHub PoCs with direct links

Nuclei scanner templates

Ready-to-use vulnerability scanner templates

Full remediation guide

Patch instructions, workarounds, and compliance impact

Interactive AI chat

Ask questions about this vulnerability in natural language

Related vulnerabilities

Semantically similar CVEs and attack patterns

REST API & MCP access

Integrate vulnerability data into your workflows