Lucene search
K

198 matches found

AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.34 views

Moderate: poppler security and bug fix update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: integer overflow in JBIG2 decoder using malformed files CVE-2022-38784 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.8CVSS7.6AI score0.00574EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:0677-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.4AI score0.00574EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/03/10 12:0 a.m.49 views

SUSE SLED15: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2023:0677-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0677-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. Bugfixes: - Fixed issue where...

7.8CVSS7.3AI score0.00574EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/03/08 12:0 a.m.21 views

EulerOS 2.0 SP5 : compat-poppler022 (EulerOS-SA-2023-1495)

According to the versions of the compat-poppler022 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in...

7.8CVSS7.9AI score0.00574EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/02/24 12:0 a.m.24 views

SUSE SLED15: libpoppler-cpp0 / libpoppler-cpp0-32bit / libpoppler-devel / etc (SUSE-SU-2023:0495-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0495-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. Tenable has extracted the...

7.8CVSS7.3AI score0.00574EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/02/24 12:0 a.m.45 views

SUSE SLES12: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2023:0494-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0494-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. - CVE-2019-13283: Fixed heap-based buffer over-read that...

7.8CVSS6.9AI score0.01129EPSS
Exploits2References7
OSV
OSV
added 2023/02/23 11:48 a.m.7 views

SUSE-SU-2023:0495-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692...

7.8CVSS7.7AI score0.00574EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.36 views

SUSE SLES15: libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc (SUSE-SU-2023:0480-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0480-1 advisory. - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder bsc1202692. - CVE-2019-13283: Fixed heap-based buffer...

7.8CVSS6.9AI score0.01129EPSS
Exploits2References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.3 views

SUSE CVE-2009-0800

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...

6.8CVSS7.8AI score0.05491EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.4 views

SUSE CVE-2009-1180

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...

6.8CVSS7.8AI score0.05411EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

7.8CVSS8.2AI score0.00314EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.26 views

Fedora 36 : poppler (2022-f79aa2bae9)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f79aa2bae9 advisory. Security fix for CVE-2022-38784 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.8CVSS8.2AI score0.00574EPSS
Exploits1References2
Mageia
Mageia
added 2022/10/23 10:48 p.m.62 views

Updated poppler packages fix security vulnerability

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

7.8CVSS7.8AI score0.00574EPSS
Exploits1References7
OSV
OSV
added 2022/10/23 10:48 p.m.5 views

MGASA-2022-0386 Updated poppler packages fix security vulnerability

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

7.8CVSS7.7AI score0.00574EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2022/09/29 12:0 a.m.38 views

GLSA-202209-21 : Poppler: Arbitrary Code Execution

The remote host is affected by the vulnerability described in GLSA-202209-21 Poppler: Arbitrary Code Execution - An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2...

7.8CVSS7.8AI score0.75994EPSS
Exploits3References4
Redos
Redos
added 2022/09/26 12:0 a.m.22 views

ROS-20220926-02

Poppler PDF rendering library vulnerability is related to integer overflow in decoder JBIG2 in the JBIG2Stream::readTextRegionSeg function in JBIGStream.c. Exploitation of the vulnerability could allow an an attacker acting remotely to pass a specially crafted PDF file or image to an application...

7.8CVSS8AI score0.00574EPSS
Exploits1
OSV
OSV
added 2022/09/09 11:4 a.m.3 views

OESA-2022-1906 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: Poppler...

7.8CVSS7.5AI score0.00574EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2022/09/07 3:49 p.m.37 views

CVE-2022-38784

An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could...

7.8CVSS8AI score0.75994EPSS
Exploits3References4
Mageia
Mageia
added 2022/09/07 5:27 a.m.67 views

Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

7.8CVSS7.8AI score0.00314EPSS
Exploits0References2
OSV
OSV
added 2022/09/07 5:27 a.m.9 views

MGASA-2022-0320 Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

7.8CVSS7.7AI score0.00314EPSS
Exploits0References3
Rows per page
Query Builder