19 matches found
MiracleLinux 7 : evince-3.28.2-9.el7poppler-0.26.5-42.el7 (AXSA:2020-4565:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4565:01 advisory. poppler: integer overflow in Parser::makeStream in Parser.cc CVE-2018-21009 poppler: heap-based buffer over-read in function...
SUSE SLED15: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2021:3854-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3854-1 advisory. - CVE-2017-18267: Fixed an infinite recursion that would allow remote attackers to cause a denial of service bsc1092945. -...
SUSE: Security Advisory (SUSE-SU-2021:3854-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2021-1699)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : poppler Multiple Vulnerabilities (NS-SA-2020-0110)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has poppler packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
USN-4646-2: poppler regression
USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...
Medium: poppler
Issue Overview: An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. CVE-2019-10871 Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.CVE-2018-21009 The JPXStream::init...
Amazon Linux AMI : poppler (ALAS-2020-1398)
The version of poppler installed on the remote host is prior to 0.26.5-42.20. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1398 advisory. The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through...
Moderate: Red Hat Security Advisory: poppler and evince security update
An update for poppler and evince is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
[SECURITY] [DLA 1963-2] poppler regression update
Package : poppler Version : 0.180.26.5-2+deb8u13 CVE ID : CVE-2019-10871 Debian Bug : 942503 The fix for CVE-2019-10871 broke xpdf. This change has been reverted until a better fix can be developed. For Debian 8 "Jessie", this problem has been fixed in version 0.180.26.5-2+deb8u13. We recommend...
Debian DLA-1963-2 : poppler regression update
The fix for CVE-2019-10871 broke xpdf. This change has been reverted until a better fix can be developed. For Debian 8 'Jessie', this problem has been fixed in version 0.180.26.5-2+deb8u13. We recommend that you upgrade your poppler packages. NOTE: Tenable Network Security has extracted the...
Debian: Security Advisory (DLA-1963-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2019-0276 Updated poppler packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an...
Updated poppler packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an...
Fedora Update for poppler FEDORA-2019-cb2bff6d48
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DEBIAN-CVE-2019-10871
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
CVE-2019-10871
Poppler 0.74.0 contains a heap-based buffer over-read in PSOutputDev::checkPageSlice (PSOutputDev.cc), identified as CVE-2019-10871. The issue is documented across multiple advisories (SUSE/OpenSUSE, EulerOS, etc.) as a vulnerability in Poppler, with no additional exploit details provided in the ...
CVE-2019-10871
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
Poppler <= 0.74.0 Multiple Vulnerabilities
The version of Poppler installed on the remote host is prior or equal to 0.74.0. It is, therefore, affected by the following vulnerabilities : - Multiple input-validation flaws exist that allow heap buffer overflows leading to application crashes and other unspecified impact. CVE-2019-7310,...