OESA-2025-2621 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: An issue...

Linux Distros Unpatched Vulnerability : CVE-2022-35097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc. CVE-2022-35097 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2020-35376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...

Linux Distros Unpatched Vulnerability : CVE-2022-38928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393. CVE-2022-38928 Note that Nessus relies on the presence of the package as reported by...

SUSE CVE-2020-36023

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service DoS via crafted .pdf file to FoFiType1C::cvtGlyph function...

DEBIAN-CVE-2020-36023

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service DoS via crafted .pdf file to FoFiType1C::cvtGlyph function...

UBUNTU-CVE-2020-36024

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service DoS via crafted .pdf file to FoFiType1C::convertToType1 function...

SUSE CVE-2017-1000187

In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF...

SUSE CVE-2022-41843

An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928...

CVE-2022-41843

An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928...

CVE-2022-41843

An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928...

UBUNTU-CVE-2022-41843

An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928...

CVE-2022-41843

CVE-2022-41843 corresponds to an issue in Xpdf 4.04 where convertToType0 in fofi/FoFiType1C.cc causes a crash. This entry is distinct from CVE-2022-38928. Several advisories note that Xpdf 4.04 is affected and that fixed packages exist; Gentoo/Mageia advisories show remediation guidance, upgradin...

UBUNTU-CVE-2022-35097

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc...

XPDF 代码问题漏洞

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF version 4.04, which stems from vulnerability to the null pointer dereference attack in FoFiType1C.cc:2393...

SWFTools 缓冲区错误漏洞

SWFTools is a set of utilities for working with Adobe Flash files SWF files from the individual developer Matthias Kramm. A security vulnerability exists in SWFTools that stems from a segmentation violation in FoFiTrueType::computeTableChecksumunsigned char, int in the file /xpdf/FoFiTrueType.cc...

UBUNTU-CVE-2019-13283

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the...

CVE-2019-13283

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the...

CVE-2019-13283

CVE-2019-13283 affects Xpdf 4.01.01 and is a heap-based over-read in FoFiType1::parse (FoFiType1.cc) triggered by crafted PDFs; the source string length isn’t validated before a fixed-length strncpy copy, enabling potential Denial of Service or information leakage via crafted PDFs (pdftotext). Re...

Xpdf buffer overflow vulnerability (CNVD-2019-16390)

Xpdf is an open source PDF reader from Foo Labs. The product supports decoding LZW compressed format files and read encrypted PDF files. Xpdf 4.01.01 version of the fofi/FoFiTrueType.cc file of the FoFiTrueType::dumpString there is a buffer overflow vulnerability that can be exploited by an...