Security update for poppler

This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

SUSE CVE-2025-32365

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check...

Freedesktop Poppler 安全漏洞

Freedesktop Poppler is a Freedesktop community C++ class library for generating PDFs, which is inherited from Xpdf PDF reader. A security vulnerability exists in Freedesktop Poppler version 24.12.0 and earlier versions, which stems from an out-of-bounds read vulnerability in libpoppler.so in the...

SUSE CVE-2018-8103

The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2019-9543

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfseparate binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly...

SUSE CVE-2019-9545

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

SUSE CVE-2022-38222

There is a use-after-free issue in JBIG2Stream::close located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to for example the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact...

CVE-2022-38222

There is a use-after-free issue in JBIG2Stream::close located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to for example the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact...

XPDF 资源管理错误漏洞

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF version 4.04, which stems from a reuse-after-release issue in JBIG2Stream::close in JBIG2Stream.cc, and can be...

CVE-2019-13289

In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool...

CVE-2019-13286

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...

UBUNTU-CVE-2019-9545

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation. An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfseparate...

DEBIAN-CVE-2018-8103

The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

xpdf denial of service vulnerability (CNVD-2018-06676)

Xpdf is an open source PDF file viewer, this software runs on X Window as well as Motif. xpdf also runs on all classes of Unix operating systems. xpdf 4.00 in the JBIG2Stream.cc in the JBIG2Stream::readGenericBitmap function there is a denial of service vulnerability. An attacker can exploit this...

Design/Logic Flaw

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF...

poppler: Integer overflow in JBIG2Stream.cc

An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler such as Evince to crash, or potentially execute arbitrary code when opened...

Adobe Products JBIG2 Stream Buffer Overflow - Ver2 (CVE-2009-0658)

A buffer overflow vulnerability has been reported in Adobe products. The vulnerability is due to errors in Adobe products that fail to sufficiently validate input when processing embedded JBIG2 streams within PDF documents. A remote attacker could exploit this vulnerability via a specially crafte...

Integer overflow

Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow...