28 matches found
[SECURITY] Fedora 42 Update: mingw-poppler-24.08.0-7.fc42
MinGW Windows Poppler library...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: poppler (UTSA-2025-988617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988617 advisory. An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead t...
[SECURITY] Fedora 41 Update: mingw-poppler-24.02.0-6.fc41
MinGW Windows Poppler library...
[SECURITY] Fedora 42 Update: mingw-poppler-24.08.0-6.fc42
MinGW Windows Poppler library...
EUVD-2018-2838
Malware in sbrugna...
EUVD-2017-6452
Malware in sbrugna...
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.
...
Linux Distros Unpatched Vulnerability : CVE-2009-3604
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocat...
AZL-67719 CVE-2025-50422 affecting package cairo 1.17.4-3
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...
Astra Linux – Vulnerability in Poppler
A floating-point exception in the PSStack::roll function of Poppler before version 25.04.0 can cause an application to crash when handling malformed inputs associated with INTMIN...
[SECURITY] Fedora 41 Update: mingw-poppler-24.02.0-4.fc41
MinGW Windows Poppler library...
SUSE CVE-2019-10873
An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc...
SUSE CVE-2017-9083
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perftest utility will crash segmentation fault when parsing an invalid PDF file...
PT-2022-5566 · Poppler +9 · Poppler +9
Name of the Vulnerable Software and Affected Versions: Poppler version 22.03.0 Description: A logic error in the Hints::Hints function allows attackers to cause a Denial of Service DoS via a crafted PDF file. The issue is related to errors in resource release. Exploitation of the issue enables a...
DEBIAN-CVE-2010-4654
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack...
CVE-2010-4654
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack...
poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc
A heap-based buffer underwrite exists in ImageStream::getLine located at Stream.cc in Poppler 0.74.0 that can for example be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impa...
PT-2019-5747 · Poppler +4 · Poppler +4
Name of the Vulnerable Software and Affected Versions: Poppler versions prior to 0.66.0 Description: The issue is related to an integer overflow in the Parser::makeStream function in Parser.cc. This can potentially allow a remote attacker to access confidential data, compromise data integrity, an...
PT-2019-19696 · Poppler +2 · Poppler +2
Name of the Vulnerable Software and Affected Versions: Poppler version 0.74.0 Description: An issue in the JBIG2Stream::readTextRegion function, located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file. This allows an attacker to cause a Denial of Service Segmentation fault or...
DEBIAN-CVE-2018-20650
A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class in FileSpec.cc in pdfdetach...