198 matches found
Moderate: poppler security and bug fix update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: integer overflow in JBIG2 decoder using malformed files CVE-2022-38784 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
SUSE: Security Advisory (SUSE-SU-2023:0677-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2023:0677-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0677-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. Bugfixes: - Fixed issue where...
EulerOS 2.0 SP5 : compat-poppler022 (EulerOS-SA-2023-1495)
According to the versions of the compat-poppler022 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in...
SUSE SLED15: libpoppler-cpp0 / libpoppler-cpp0-32bit / libpoppler-devel / etc (SUSE-SU-2023:0495-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0495-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. Tenable has extracted the...
SUSE SLES12: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2023:0494-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0494-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. - CVE-2019-13283: Fixed heap-based buffer over-read that...
SUSE-SU-2023:0495-1 Security update for poppler
This update for poppler fixes the following issues: - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692...
SUSE SLES15: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2023:0480-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0480-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. - CVE-2019-13283: Fixed heap-based buffer...
SUSE CVE-2009-0800
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...
SUSE CVE-2009-1180
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...
SUSE CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...
Fedora 36 : poppler (2022-f79aa2bae9)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f79aa2bae9 advisory. Security fix for CVE-2022-38784 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Updated poppler packages fix security vulnerability
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...
MGASA-2022-0386 Updated poppler packages fix security vulnerability
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...
GLSA-202209-21 : Poppler: Arbitrary Code Execution
The remote host is affected by the vulnerability described in GLSA-202209-21 Poppler: Arbitrary Code Execution - An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2...
ROS-20220926-02
Poppler PDF rendering library vulnerability is related to integer overflow in decoder JBIG2 in the JBIG2Stream::readTextRegionSeg function in JBIGStream.c. Exploitation of the vulnerability could allow an an attacker acting remotely to pass a specially crafted PDF file or image to an application...
OESA-2022-1906 poppler security update
Poppler is a free software utility library for rendering Portable Document Format PDF documents. \Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: Poppler...
CVE-2022-38784
An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could...
Updated xpdf packages fix security vulnerability
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...
MGASA-2022-0320 Updated xpdf packages fix security vulnerability
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...