835 matches found
openSUSE Security Advisory (SUSE-SU-2025:03449-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: cairo-devel / cairo-devel-32bit / cairo-tools / libcairo-gobject2 / etc (SUSE-SU-2025:03449-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03449-1 advisory. - CVE-2025-50422: Fixed Poppler crash on malformed input bsc1247589 - Update to version 1.18.4: - The...
SUSE SLES12: cairo-devel / libcairo-gobject2 / libcairo-gobject2-32bit / etc (SUSE-SU-2025:03450-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03450-1 advisory. - CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. bsc1122338 - CVE-2025-50422: Fix NULL pointer access in activeedgestotraps...
SUSE-SU-2025:03450-1 Security update for cairo
This update for cairo fixes the following issues: - CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. bsc1122338 - CVE-2025-50422: Fix NULL pointer access in activeedgestotraps leading to crash in Poppler. bsc1247589...
Security update for cairo
This update for cairo fixes the following issues: CVE-2025-50422: Fixed Poppler crash on malformed input bsc1247589 Update to version 1.18.4: The dependency on LZO has been made optional through a build time configuration toggle. You can build Cairo against a Freetype installation that does not...
SUSE-SU-2025:03449-1 Security update for cairo
This update for cairo fixes the following issues: - CVE-2025-50422: Fixed Poppler crash on malformed input bsc1247589 - Update to version 1.18.4: + The dependency on LZO has been made optional through a build time configuration toggle. + You can build Cairo against a Freetype installation that do...
Security update for cairo
This update for cairo fixes the following issues: CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
SUSE-SU-2025:03280-1 Security update for cairo
This update for cairo fixes the following issues: - CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589...
ROS-20250910-02
A vulnerability in the Hints::Hints poppler/Hints.cc function of the Poppler PDF display library is related to a resource release error. with resource release errors. Exploitation of the vulnerability allows an attacker acting remotely, to cause a denial of service using a specially crafted PDF...
ROS-20250910-03
Vulnerability of Poppler PDF rendering library is related to lack of object threads cleanup PDF when cairodebugresetstaticdata is called. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...
Amazon Linux 2023 : cairo, cairo-devel, cairo-gobject (ALAS2023-2025-1172)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1172 advisory. An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory...
Amazon Linux 2 : cairo, --advisory ALAS2-2025-2989 (ALAS-2025-2989)
The version of cairo installed on the remote host is prior to 1.15.12-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2989 advisory. An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program...
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.
...
Linux Distros Unpatched Vulnerability : CVE-2018-19876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an...
Linux Distros Unpatched Vulnerability : CVE-2023-27586
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files....
Linux Distros Unpatched Vulnerability : CVE-2020-35492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's...
cairo-devel-1.18.4-3.1 on GA media (moderate)
cairo-devel-1.18.4-3.1 on GA media Announcement ID: openSUSE-SU-2025:15458-1 Rating: moderate Cross-References: CVE-2025-50422 CVSS scores: CVE-2025-50422 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now...
Security update for cairo
This update for cairo fixes the following issues: CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
SUSE-SU-2025:02843-1 Security update for cairo
This update for cairo fixes the following issues: - CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589...
OPENSUSE-SU-2025:15457-1 cairo-devel-1.18.4-3.1 on GA media
These are all security issues fixed in the cairo-devel-1.18.4-3.1 package on the GA media of openSUSE Tumbleweed...