Lucene search

Poppler Security Vulnerabilities

cve

CVE-2022-37052

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in...

6.5CVSS

6.2AI Score

0.0005EPSS

2023-08-22 07:16 PM

166

cve

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS

6.4AI Score

0.0005EPSS

2023-08-22 07:16 PM

342

cve

CVE-2022-37051

An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded...

6.5CVSS

6.1AI Score

0.0005EPSS

2023-08-22 07:16 PM

351

cve

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded...

6.5CVSS

6AI Score

0.0005EPSS

2023-08-22 07:16 PM

320

cve

CVE-2020-23804

Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted...

7.5CVSS

7.2AI Score

0.001EPSS

2023-08-22 07:16 PM

330

cve

CVE-2020-18839

Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of...

6.5CVSS

6.2AI Score

0.0005EPSS

2023-08-22 07:15 PM

cve

CVE-2020-36023

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph...

6.5CVSS

6.1AI Score

0.001EPSS

2023-08-11 02:15 PM

205

cve

CVE-2020-36024

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1...

5.5CVSS

5.4AI Score

0.001EPSS

2023-08-11 02:15 PM

529

cve

CVE-2023-34872

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in...

5.5CVSS

5.2AI Score

0.002EPSS

2023-07-31 02:15 PM

cve

CVE-2022-38784

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability...

7.8CVSS

7.6AI Score

0.002EPSS

2022-08-30 03:15 AM

184

cve

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

7.8CVSS

7.9AI Score

0.002EPSS

2022-08-22 07:15 PM

227

In Wild

cve

CVE-2022-27337

A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF...

6.5CVSS

6AI Score

0.002EPSS

2022-05-05 07:15 PM

124