Linux Distros Unpatched Vulnerability : CVE-2017-18267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a...

poppler security update

21.01.0-11 - Fix crashes in FoFiType1C - Rebuild for inclusion of poppler-glib-doc in CRB - Resolves: RHEL-4255, RHEL-4273 21.01.0-10 - Check XRef's Catalog for being a Dict - Resolves: 2189816 20.11.0-9 - Check isDict before calling getDict 2 - Resolves: 2189837 20.11.0-8 - Check isDict before...

RHEL 5 : poppler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - poppler: recursive function call in JBIG2Stream::readGenericBitmap in JBIG2Stream.cc causing denial of...

Oracle Linux 7 : GNOME (ELSA-2018-3140)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3140 advisory. - Backport upstream patch for CVE-2018-12910 - Crash in soupcookiejar.c: getcookies on empty hostnames - Security fix for CVE-2018-15120 - Fix crash wh...

SUSE: Security Advisory (SUSE-SU-2023:2907-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2021:3854-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3854-1 advisory. - CVE-2017-18267: Fixed an infinite recursion that would allow remote attackers to cause a denial of service bsc1092945. -...

SUSE: Security Advisory (SUSE-SU-2021:3854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for poppler (openSUSE-SU-2021:3854-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-1010)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : poppler (ALAS-2019-1217)

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h. A crafted input will lead to a remote denial of service attack. Poppler versions later than 0.41.0 are not affected.CVE-2018-10768 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler allows...

CentOS Update for gdm CESA-2018:3140 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : poppler (EulerOS-SA-2019-1010)

According to the versions of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - poppler: out of bounds read in pdfunite CVE-2018-13988 - poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph function allows...

Fedora 28 : mingw-poppler (2018-12b934e224)

This update fixes CVE-2017-18267, CVE-2018-13988, CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060, CVE-2018-19149 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...

Fedora 28 : poppler (2018-9a29edb638)

Security fix for CVE-2017-18267. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

Fedora Update for mingw-poppler FEDORA-2018-12b934e224

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : poppler (ALAS-2018-1110)

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h. A crafted input will lead to a remote denial of service attack.CVE-2018-10768 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler allows remote attackers to cause a denial of service infinite...

Low: poppler

Issue Overview: There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h. A crafted input will lead to a remote denial of service attack.CVE-2018-10768 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler allows remote attackers to cause a denial of...

Scientific Linux Security Update : GNOME on SL7.x x86_64 (20181030)

Security Fixes : - libsoup: Crash in soupcookiejar.c:getcookies on empty hostnames CVE-2018-12910 - poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph function allows denial of service CVE-2017-18267 - libgxps: heap based buffer over read in ftfontfacehash function of...

CentOS 7 : PackageKit / accountsservice / adwaita-icon-theme / appstream-data / at-spi2-atk / etc (CESA-2018:3140)

An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links ...