HCE3-SA-2025-0128 Important HCE 3.0 Security Fix(es): A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. (CVE-2025-32364) libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. (CVE-2024-56378) NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. (CVE-2025-43903) Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. (CVE-2025-32365) A flaw was found in the Poppler_x27;s Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. (CVE-2024-6239) HCE 3.0 poppler-23.12.0-7.hce3.x86_64.rpm poppler-cpp-23.12.0-7.hce3.x86_64.rpm poppler-cpp-devel-23.12.0-7.hce3.x86_64.rpm poppler-devel-23.12.0-7.hce3.x86_64.rpm poppler-glib-23.12.0-7.hce3.x86_64.rpm poppler-glib-devel-23.12.0-7.hce3.x86_64.rpm poppler-glib-doc-23.12.0-7.hce3.noarch.rpm poppler-help-23.12.0-7.hce3.noarch.rpm poppler-qt5-23.12.0-7.hce3.x86_64.rpm poppler-qt5-devel-23.12.0-7.hce3.x86_64.rpm poppler-utils-23.12.0-7.hce3.x86_64.rpm poppler-23.12.0-7.hce3.aarch64.rpm poppler-cpp-23.12.0-7.hce3.aarch64.rpm poppler-cpp-devel-23.12.0-7.hce3.aarch64.rpm poppler-devel-23.12.0-7.hce3.aarch64.rpm poppler-glib-23.12.0-7.hce3.aarch64.rpm poppler-glib-devel-23.12.0-7.hce3.aarch64.rpm poppler-qt5-23.12.0-7.hce3.aarch64.rpm poppler-qt5-devel-23.12.0-7.hce3.aarch64.rpm poppler-utils-23.12.0-7.hce3.aarch64.rpm