Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated functions in PDFDoc, with deep recursion in the regex executor (std::__detail::_Executor).
Weakness
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Poppler | Ubuntu | devel | * |
| Poppler | Ubuntu | jammy | * |
| Poppler | Ubuntu | noble | * |
| Poppler | Ubuntu | plucky | * |
| Poppler | Ubuntu | questing | * |
| Poppler | Ubuntu | upstream | * |