Astra Linux - уязвимость в poppler-22, poppler

A issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h; this could lead to a denial of service. This issue arises because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

EUVD-2022-40939

Malicious code in bioql PyPI...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:3947-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3947-1 advisory. - In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a...

SUSE CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

Code injection

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

PT-2023-5245 · Poppler +5 · Poppler +5

Name of the Vulnerable Software and Affected Versions: Poppler version 22.08.0 Description: The issue is related to a reachable assertion in Object.h, which can lead to denial of service. This occurs because the PDFDoc::replacePageDict function in PDFDoc.cc lacks a stream check before saving an...

CVE-2022-38349

CVE-2022-38349 affects Poppler 22.08.0. The issue is a reachable assertion in Object.h, leading to a denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. Public references indicate Debian/Ubuntu advisories patch this in respective rel...

Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2020-1173)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-20662

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

DEBIAN-CVE-2018-19058

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file...

Code injection

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file...

CVE-2018-19058

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file...

CVE-2018-19058

The connected documents corroborate CVE-2018-19058 as a Poppler 0.71.0 issue: a reachable abort in Object.h caused by EmbFile::save2 lacking a stream check leads to denial of service. Additional CVEs in the same Poppler set are cited across multiple advisories (CVE-2018-19059, CVE-2018-19060, CVE...

PT-2018-3707 · Poppler +5 · Poppler +5

Name of the Vulnerable Software and Affected Versions: Poppler version 0.71.0 Description: The issue is related to a reachable abort in Object.h, which can lead to a denial of service. This is because the EmbFile::save2 function in FileSpec.cc lacks a stream check before saving an embedded file...

Xpdf Denial of Service Vulnerability (CNVD-2019-17491)

Xpdf is Foo Labs developed an open source PDF reader , it supports decoding LZW compressed format files and read encrypted PDF files . Xpdf 4.00 version of the Object.h file in the 'Object::isName' function has a security vulnerability. A remote attacker can exploit this vulnerability with a...

CVE-2018-18456

The function Object::isName in Object.h called from Gfx::opSetFillColorN in Xpdf 4.00 allows remote attackers to cause a denial of service stack-based buffer over-read via a crafted pdf file, as demonstrated by pdftoppm...

CVE-2018-18456

The function Object::isName in Object.h called from Gfx::opSetFillColorN in Xpdf 4.00 allows remote attackers to cause a denial of service stack-based buffer over-read via a crafted pdf file, as demonstrated by pdftoppm...

CVE-2017-14519

In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls aka a Gfx.cc infinite loop...