Unity Linux 20.1070e Security Update: poppler (UTSA-2026-017720)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017720 advisory. In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. Tenable has...

Astra Linux - уязвимость в poppler

The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...

EUVD-2005-3192

Malware in sbrugna...

EUVD-2018-19777

Malware in sbrugna...

EUVD-2018-19183

Malware in sbrugna...

EUVD-2018-19783

Malware in sbrugna...

EUVD-2018-19782

Malware in sbrugna...

EUVD-2018-19186

Malware in sbrugna...

EUVD-2018-19776

Malware in sbrugna...

EUVD-2022-29019

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-9959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it...

SUSE CVE-2005-3193

Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code JPXStream.c for xpdf 3.01 and earlier, as used in products such as 1 Poppler, 2 teTeX, 3 KDE kpdf, 4 CUPS, and 5 libextractor allows user-assisted attackers to cause a denial of service heap...

SUSE CVE-2017-9083

poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perftest utility will crash segmentation fault when parsing an invalid PDF file...

SUSE CVE-2018-7452

A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-8105

The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-8107

The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

SUSE CVE-2019-14294

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read...

SUSE CVE-2022-24107

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...