14 matches found
openSUSE 16 Security Update : cairo (openSUSE-SU-2026:20697-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20697-1 advisory. This update for cairo fixes the following issue: - CVE-2025-50422: Poppler crash on malformed input bsc1247589. Tenable has extracted the preceding...
OPENSUSE-SU-2026:20697-1 Security update for cairo
This update for cairo fixes the following issue: - CVE-2025-50422: Poppler crash on malformed input bsc1247589...
SUSE-SU-2026:21583-1 Security update for cairo
This update for cairo fixes the following issue: - CVE-2025-50422: Poppler crash on malformed input bsc1247589...
TencentOS Server 4: cairo (TSSA-2025:0708)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0708 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
SUSE SLED15: cairo-devel / cairo-devel-32bit / cairo-tools / libcairo-gobject2 / etc (SUSE-SU-2025:03449-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03449-1 advisory. - CVE-2025-50422: Fixed Poppler crash on malformed input bsc1247589 - Update to version 1.18.4: - The...
Security update for cairo
This update for cairo fixes the following issues: CVE-2025-50422: Fixed Poppler crash on malformed input bsc1247589 Update to version 1.18.4: The dependency on LZO has been made optional through a build time configuration toggle. You can build Cairo against a Freetype installation that does not...
Amazon Linux 2023 : cairo, cairo-devel, cairo-gobject (ALAS2023-2025-1172)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1172 advisory. An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory...
Medium: cairo
Issue Overview: An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump. CVE-2025-50422 Affected Packages: cairo Issue Correction: Run dnf update...
Medium: cairo
Issue Overview: An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump. CVE-2025-50422 Affected Packages: cairo Note: This advisory is applicable ...
Amazon Linux 2 : cairo, --advisory ALAS2-2025-2989 (ALAS-2025-2989)
The version of cairo installed on the remote host is prior to 1.15.12-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2989 advisory. An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program...
SUSE CVE-2025-50422
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...
CVE-2025-50422
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...
CVE-2025-50422
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...
CVE-2025-50422
CVE-2025-50422 affects Cairo (up to 1.18.4) as used in Poppler (up to 25.08.0). The issue is an assertion failure (unscaled->face == NULL) in _cairo_ft_unscaled_font_fini within cairo-ft-font.c, leading to a crash in affected workflows. Mitigations from connected advisories: update Cairo/Poppl...