11 matches found
Astra Linux - vulnerability in poppler
The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...
CVE-2025-11222
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
Central Dogma's Login Function Has an Open Redirect Vulnerability
Impact: Successful exploitation of this vulnerability could allow an attacker to craft a malicious link that, when clicked by a victim, redirects them to a phishing website designed to mimic the legitimate Central Dogma login page. This could result in the compromise of user accounts and...
EUVD-2025-201153
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
CVE-2025-11222
Central Dogma is affected by an Open Redirect vulnerability in the login flow for versions before 0.78.0. A crafted URL can redirect users to untrusted sites, enabling phishing and potential credential theft. The issue is documented across multiple sources (NVD/Red Hat OSV/GHSA etc.) with the fix...
CVE-2025-11222
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
PT-2025-49019
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
EUVD-2019-5670
Malware in sbrugna...
Medium: poppler
Issue Overview: An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. CVE-2019-10871 Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. CVE-2018-21009 The JPXStream::init...
Design/Logic Flaw
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc...
Integer overflow
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...