CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-57248

A null pointer dereference vulnerability was discovered in SumatraPDF 3.5.2 during the processing of a crafted .djvu file. When the file is opened, the application crashes inside libmupdf.dll, specifically in the DataPool::has_data() function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.4%

CVSS Severity

CVSS v3 Score 7.3

References

https://github.com/sumatrapdfreader/sumatrapdf/issues/5035

Products affected by CVE-2025-57248

Sumatrapdfreader » Sumatrapdf » Version: 3.5.2

cpe:2.3:a:sumatrapdfreader:sumatrapdf:3.5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-57248

Products

Pricing

Contact Us