11 matches found
USN-8400-1: poppler vulnerability
It was discovered that poppler incorrectly handled certain malformed PDF tiling patterns in the Splash backend. An attacker could possibly use this issue to execute arbitrary code, obtain sensitive information, or cause a denial of service...
Astra Linux – Vulnerability in poppler, poppler-22
NSSCryptoSignBackend.cc in Poppler before version 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, which can lead to potential signature forgeries...
Astra Linux – Vulnerability in Poppler
Uncontrolled recursion exists in pdfinfo and pdftops in poppler 0.89.0. This allows remote attackers to cause a denial of service through crafted inputs...
Astra Linux – Vulnerability in poppler, poppler-22
Before version 25.04.0, crafted input files could cause out-of-bounds reads in the JBIG2Bitmap::combine function within JBIG2Stream.cc, due to an improperly placed isOk check...
Astra Linux – Vulnerability in Poppler
Versions of Poppler from 24.06.1 through 25.x, prior to 25.04.0, allowed stack consumption and a SIGSEGV due to deeply nested structures within the metadata of a PDF document such as GTSPDFEVersion. This issue occurred in functions like Dict::lookup, Catalog::getMetadata, and related functions in...
Unity Linux 20.1070e Security Update: poppler (UTSA-2026-017695)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017695 advisory. A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that,...
poppler: Out-of-Bounds Read in Poppler
A flaw was found in Poppler. This vulnerability allows out-of-bounds reads via crafted input files that trigger the JBIG2Bitmap::combine function due to a misplaced isOk check...
EUVD-2020-20282
Malware in sbrugna...
CVE-2025-50422
A PDF parsing flaw has been discovered in poppler. This flaw may allow an attacker who can craft a malicious pdf file to induce a crash if they can convince their target to open the crafted pdf. Mitigation Mitigation for this issue is either not available or the currently available options do not...
SUSE CVE-2010-4654
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack...
ALPINE-CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service...