Debian dsa-6334 : gir1.2-poppler-0.18 - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6334 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6334-1 [email protected]...

MiracleLinux 7 : poppler-0.26.5-38.el7, evince-3.28.2-8.el7, okular-4.10.5-7.el7 (AXSA:2019-4277:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4277:01 advisory. poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc CVE-2019-7310 poppler: heap-based buffer overflow in function ImageStream::getLine...

Poppler: Multiple Vulnerabilities

Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is...

USN-7687-1: poppler vulnerabilities

Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2022-27337 Kevin Backhouse discovere...

Fedora 42 : poppler (2025-e2c3dbdbee)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e2c3dbdbee advisory. This update fixes these CVEs: CVE-2025-32364 CVE-2025-32365 CVE-2024-56378 Tenable has extracted the preceding description block directly from the...

NewStart CGSL MAIN 7.02 : poppler Multiple Vulnerabilities (NS-SA-2025-0119)

The remote NewStart CGSL host, running version MAIN 7.02, has poppler packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, ...

Debian dla-4141 : gir1.2-poppler-0.18 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4141 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4141-1 [email protected]...

USN-7471-1: poppler vulnerabilities

It was discovered that poppler did not properly verify adbe.pkcs7.sha1 signatures in PDF documents. An attacker could possibly use this issue to create documents with forged signatures that are treated as legitimately signed...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2025:1342-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1342-1 advisory. - CVE-2025-32364: Fixed a floating point exception. bsc1240880 - CVE-2025-32365: Fixed the isOk...

USN-7426-2: poppler vulnerabilities

USN-7426-1 fixed several vulnerabilities in poppler. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : poppler vulnerabilities (USN-7426-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7426-1 advisory. It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use...

Fedora 40 : mingw-poppler (2025-ed039a54de)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ed039a54de advisory. Backport fix for CVE-2024-56378. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 41 : mingw-poppler (2025-e39bfb1baa)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e39bfb1baa advisory. Backport fix for CVE-2024-56378. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

USN-6508-1 poppler vulnerabilities

It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu...

SUSE-SU-2023:3983-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2020-23804: Fixed uncontrolled recursion in pdfinfo and pdftops bsc1215422. - CVE-2020-36024: Fixed NULL Pointer Deference in FoFiType1C:convertToType1 bsc1214257. - CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c...

SUSE-SU-2023:3982-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2020-23804: Fixed uncontrolled recursion in pdfinfo and pdftops bsc1215422. - CVE-2020-36024: Fixed NULL Pointer Deference in FoFiType1C:convertToType1 bsc1214257. - CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c...

SUSE-SU-2023:3981-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2020-23804: Fixed uncontrolled recursion in pdfinfo and pdftops bsc1215422. - CVE-2020-36024: Fixed NULL Pointer Deference in FoFiType1C:convertToType1 bsc1214257. - CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c...

SUSE-SU-2023:3947-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c bsc1214622. - CVE-2022-37051: Fixed abort in main in pdfunite.cc bsc1214621. - CVE-2022-38349: Fixed reachable assertion in Object.h that will lead to denial of service...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : poppler vulnerabilities (USN-6299-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6299-1 advisory. It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked int...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : poppler vulnerabilities (USN-6273-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6273-1 advisory. Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue t...